The product calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which may lead to resultant weaknesses.

What CVEs are caused by CWE-687?

2 recorded CVEs are attributed to CWE-687, including CVE-2024-36985, CVE-2024-49603.

How is CWE-687 detected?

Manual Static Analysis: This might require an understanding of intended program behavior or design to determine whether the value is incorrect.

What are the consequences of CWE-687?

Exploiting CWE-687 can lead to: Quality Degradation.

Is CWE-687 actively exploited?

2 recorded CVEs are caused by CWE-687; none are currently in CISA's KEV catalog of actively exploited flaws.

CWE-687: Function Call With Incorrectly Specified Argument Value

Implementation

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

This Perl code intends to record whether a user authenticated successfully or not, and to exit if the user fails to authenticate. However, when it calls ReportAuth(), the third argument is specified as 0 instead of 1, so it does not exit.

Vulnerable example

perl

sub ReportAuth {

CWE-687: Function Call With Incorrectly Specified Argument Value

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to detect it

Manual Static Analysis

Code examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-687?

What CVEs are caused by CWE-687?

How is CWE-687 detected?

What are the consequences of CWE-687?

Is CWE-687 actively exploited?

References

Stay ahead of CWE-687

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to detect it

Manual Static Analysis

Code examples

Related weaknesses

Parent

Child

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-687?

What CVEs are caused by CWE-687?

How is CWE-687 detected?

What are the consequences of CWE-687?

Is CWE-687 actively exploited?

References

Stay ahead of CWE-687