3 vulnerabilities classified as CWE-447 (Unimplemented or Unsupported Feature in UI). AI Chinese analysis included.
CWE-447 represents a deceptive interface weakness where a user interface element implies the presence of a security feature, such as encryption or authentication, while the underlying backend logic remains unimplemented. Attackers typically exploit this discrepancy when users interact with the visible control on the assumption that their actions are protected, which gives them a false sense of security. Consequently, sensitive data may be transmitted in plaintext or critical operations may proceed without the necessary validation, exposing the system to interception or unauthorized access. Developers can prevent this vulnerability by ensuring strict synchronization between frontend indicators and backend implementations. This requires rigorous code reviews to verify that every UI toggle or status message corresponds to an active, functioning security mechanism, thereby eliminating the risk of misleading user feedback and ensuring a consistent security posture across the application.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-0148 | NVIDIA IGX Orin Security Vulnerability — IGX Orin | 7.6 | High | 2025-02-25 |
| CVE-2024-39533 | Junos OS: QFX5000 Series and EX4600 Series: Output firewall filter is not applied if certain match criteria are used — Junos OS | 5.8 | Medium | 2024-07-11 |
| CVE-2024-21607 | Junos OS: MX Series and EX9200 Series: If the "tcp-reset" option used in an IPv6 filter, matched packets are accepted instead of rejected — Junos OS | 5.3 | Medium | 2024-01-12 |
3 CVEs are classified as CWE-447 (Unimplemented or Unsupported Feature in UI). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.