Class · Incomplete

CWE-841: Improper Enforcement of Behavioral Workflow

Category: other

Description

The product supports a session in which more than one behavior must be performed by an actor, but it does not properly ensure that the actor performs the behaviors in the required sequence.

Common consequences · 1

  • Other — Alter Execution Logic
    An attacker could cause the product to skip critical steps or perform them in the wrong order, bypassing its intended business logic. This can sometimes have security implications.

References

  1. https://cwe.mitre.org/data/definitions/841.html

Incoming · 7

Type           Target          Confidence  Tier
Vulnerability  CVE-2025-48476  0%          live
Vulnerability  CVE-2025-48477  0%          live
Vulnerability  CVE-2025-48481  0%          live
Vulnerability  CVE-2026-30783  0%          live
Vulnerability  CVE-2026-3130   0%          live
Vulnerability  CVE-2026-34582  0%          live
Vulnerability  CVE-2026-43937  0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE — Exposure of Data Element to Wrong Session
  • CWE — Incorrect Control Flow Scoping
  • CWE — Improper Authorization
  • CWE — Incorrect Authorization
  • CWE — Improper Privilege Management
  • CWE — Missing Authorization

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.