: [Non-DoD Source] Re: Request for CWE: Improper Licensing
(UNCLASSIFIED)
What if a license has a clause that requires an insecure or problematic
setting/configuration/behavior? Someone did a parody licence called the "
Insecure License" but I wouldn't put it past sometime to hav
nder your direct control where it’s already running.
>> Availability of the software in this case is not affected by a “coding
>> weakness,” but by your organizational response to social, legal, and
>> economic pressure.
>>
>>
>>
>> If we put license issues in
oguski
Date: Thursday, November 9, 2023 at 1:45 PM
To: Hood, Jonathan W CTR USARMY DEVCOM AVMC (USA)
Cc: Hatfield, Arthur , CWE Research Discussion
Subject: [EXTERNAL] Re: [EXT] RE: [Non-DoD Source] Re: Request for CWE:
Improper Licensing (UNCLASSIFIED)
Hi Jon, Thank you for accepting different opin
SP*
>
> *The Home Depot | **Cyber Threat Intelligence*
>
> * arthur_hatfi...@homedepot.com
>
> * c...@homedepot.com
>
>
>
>
>
>
>
>
>
>
>
> INTERNAL USE
>
> *From: *Hood, Jonathan W CTR USARMY DEVCOM AVMC (USA) <
> jonathan.w.hoo
list@mitre.org> >
Subject: [EXTERNAL] [EXT] RE: [Non-DoD Source] Re: Request for CWE: Improper
Licensing (UNCLASSIFIED)
I respectfully disagree with this. Using a license incorrectly causes an
availability issue directly, and availability is one of the cybersecurity
principles that represe
i , Steven M Christey
Cc: CWE Research Discussion
Subject: [EXTERNAL] [EXT] RE: [Non-DoD Source] Re: Request for CWE: Improper
Licensing (UNCLASSIFIED)
I respectfully disagree with this. Using a license incorrectly causes an
availability issue directly, and availability is one of the c
I respectfully disagree with this. Using a license incorrectly causes an
availability issue directly, and availability is one of the cybersecurity
principles that represent weaknesses and vulnerabilities by the definitions I
am aware of.
Can you please help me understand what definition CWE