weakness

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Definitions:

  Defect or characteristic that may lead to undesirable behavior.
Sources:
NIST SP 800-160v1r1 from ISO/SAE 21434:2021

  (As used in this volume) Poor coding practices, as exemplified by CWEs
Sources:
NISTIR 8011 Vol. 4

  A condition in a software, firmware, hardware, or service component that, under certain circumstances, could contribute to the introduction of vulnerabilities.
Sources:
NIST IR 8517 from MITRE CWE

  A bug or fault type that can be exploited through an operation that results in a security-relevant error.
Sources:
NIST IR 8517 from Bellay21

About

See the identified Source document to understand each term-definition pair in its proper context.

Send inquiries about terminology to the Source's authors; NIST publications will usually include a contact email for that Source.

For other inquiries, such as comments about the Glossary's presentation and functionality, use this link.

See the Glossary homepage for more guidance.