The product calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which may lead to resultant weaknesses.
View on MITRENo mitigation information available for this CWE.
This might require an understanding of intended program behavior or design to determine whether the value is incorrect.
This Perl code intends to record whether a user authenticated successfully or not, and to exit if the user fails to authenticate. However, when it calls ReportAuth(), the third argument is specified as 0 instead of 1, so it does not exit.
No relationship information available for this CWE.
CWE-687: Function Call With Incorrectly Specified Argument Value is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which may lead to resultant weaknesses.
If exploited, CWE-687 (Function Call With Incorrectly Specified Argument Value) it can compromise Other, leading to outcomes such as Quality Degradation.
CWE-687 can be detected using Manual Static Analysis. Combining automated tooling with manual review typically yields the best coverage.
A CWE (Common Weakness Enumeration) like CWE-687 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.