CWE - CWE-292: DEPRECATED: Trusting Self-reported DNS Name (4.16)

Weakness ID: 292

Vulnerability Mapping: PROHIBITED This CWE ID must not be used to map to real-world vulnerabilities
Abstraction: Variant Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.

View customized information:

For users who are interested in more notional aspects of a weakness. Example: educators, technical writers, and project/program managers. For users who are concerned with the practical application and details about the nature of a weakness and how to prevent it from happening. Example: tool developers, security researchers, pen-testers, incident response analysts. For users who are mapping an issue to CWE/CAPEC IDs, i.e., finding the most appropriate CWE for a specific issue (e.g., a CVE record). Example: tool developers, security researchers. For users who wish to see all available information for the CWE/CAPEC entry. For users who want to customize what details are displayed.

Description

This entry has been deprecated because it was a duplicate of CWE-350. All content has been transferred to CWE-350.

Vulnerability Mapping Notes

Usage: PROHIBITED

(this CWE ID must not be used to map to real-world vulnerabilities)

Reason: Deprecated

Rationale:

This CWE has been deprecated.

Comments:

See description and name for possible suggestions of other CWEs to consider.

Content History

Submissions
Submission Date	Submitter	Organization
2006-07-19 (CWE Draft 3, 2006-07-19)	CLASP
2006-07-19 (CWE Draft 3, 2006-07-19)
Modifications
Modification Date	Modifier	Organization
2008-09-08	CWE Content Team	MITRE
2008-09-08	updated Common_Consequences, Relationships, Other_Notes, Taxonomy_Mappings
2009-05-27	CWE Content Team	MITRE
2009-05-27	updated Demonstrative_Examples
2009-10-29	CWE Content Team	MITRE
2009-10-29	updated Observed_Examples
2010-09-27	CWE Content Team	MITRE
2010-09-27	updated Potential_Mitigations
2011-06-01	CWE Content Team	MITRE
2011-06-01	updated Common_Consequences
2012-05-11	CWE Content Team	MITRE
2012-05-11	updated Demonstrative_Examples, Relationships
2013-06-23	CWE Content Team	MITRE
2013-06-23	CWE-247 and CWE-292 deprecated and merged into CWE-350 to address duplicates.
2013-07-17	CWE Content Team	MITRE
2013-07-17	updated Applicable_Platforms, Common_Consequences, Demonstrative_Examples, Description, Name, Observed_Examples, Other_Notes, Potential_Mitigations, Related_Attack_Patterns, Relationships, Taxonomy_Mappings, Time_of_Introduction, Type
2014-07-30	CWE Content Team	MITRE
2014-07-30	updated Taxonomy_Mappings
2021-03-15	CWE Content Team	MITRE
2021-03-15	updated Likelihood_of_Exploit, Taxonomy_Mappings
2021-07-20	CWE Content Team	MITRE
2021-07-20	updated Name
2023-06-29	CWE Content Team	MITRE
2023-06-29	updated Mapping_Notes
Previous Entry Names
Change Date	Previous Entry Name
2013-07-17	Trusting Self-reported DNS Name
2021-07-20	DEPRECATED (Duplicate): Trusting Self-reported DNS Name


	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2024, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.

Common Weakness Enumeration

CWE-292: DEPRECATED: Trusting Self-reported DNS Name

Edit Custom Filter