CWE · MITRE source
CWE-684Incorrect Provision of Specified Functionality
The code does not function according to its published specifications, potentially leading to incorrect usage.
When providing functionality to an external party, it is important that the product behaves in accordance with the details specified. When requirements of nuances are not documented, the functionality may produce unintended behaviors for the caller, possibly leading to an exploitable state.
Last updated: 04 July 2026 00:28 UTC
Cumulative inbound coverage
How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.
Collective: partial · 1 mapping(s) from 1 framework(s): STIG rhel 9 1 (partial)
NIST 800-53 r5 controls that address this weakness (1)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
SI-6 | Security and Privacy Function Verification | SI | Periodic checks confirm that specified security and privacy functions are actually provided and operating. |
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2023-24845 | 7.0 | 9.1 | 0.0058 | 2023-08-08 |
CVE-2024-6425 | 7.0 | 9.1 | 0.0054 | 2024-07-01 |
CVE-2024-50357 | 7.0 | 9.8 | 0.0056 | 2024-11-29 |
CVE-2023-4258 | 5.5 | 8.6 | 0.0047 | 2023-09-25 |
CVE-2023-5363 | 5.5 | 7.5 | 0.0333 | 2023-10-25 |
CVE-2024-20317 | 5.5 | 7.4 | 0.0024 | 2024-09-11 |
CVE-2025-47227 UPD | 5.5 | 7.5 | 0.0196 | 2025-07-05 |
CVE-2025-58325 | 5.5 | 8.2 | 0.0028 | 2025-10-14 |
CVE-2025-66384 | 5.5 | 8.2 | 0.0032 | 2025-11-28 |
CVE-2026-30791 | 5.5 | 7.5 | 0.0024 | 2026-03-05 |
CVE-2026-3598 | 5.5 | 7.5 | 0.0023 | 2026-03-05 |
CVE-2026-34478 | 5.5 | 7.5 | 0.0083 | 2026-04-10 |
CVE-2026-42255 | 5.5 | 7.2 | 0.0021 | 2026-04-26 |
CVE-2020-11054 | 3.5 | 3.5 | 0.0128 | 2020-05-07 |
CVE-2022-23728 | 3.5 | 6.1 | 0.0010 | 2022-01-21 |
CVE-2023-5158 | 3.5 | 6.5 | 0.0020 | 2023-09-25 |
CVE-2024-6502 | 3.5 | 5.7 | 0.0035 | 2024-08-22 |
CVE-2024-5005 | 3.5 | 4.3 | 0.0037 | 2024-10-11 |
CVE-2025-54567 UPD | 3.5 | 4.2 | 0.0024 | 2025-07-25 |
CVE-2026-40684 | 3.5 | 5.9 | 0.0036 | 2026-04-30 |
CVE-2026-40685 | 3.5 | 6.5 | 0.0032 | 2026-04-30 |
CVE-2024-8974 | 1.5 | 2.6 | 0.0028 | 2024-09-26 |
CVE-2025-54568 UPD | 1.5 | 3.7 | 0.0033 | 2025-07-25 |
CVE-2025-55174 | 1.5 | 3.2 | 0.0012 | 2025-11-26 |
CVE-2026-35379 | 1.5 | 3.3 | 0.0015 | 2026-04-22 |