logo

Obsolete Feature in UI

Draft Base
Structure: Simple
Description

This vulnerability occurs when a user interface (UI) includes outdated or deprecated features, but fails to alert users about their obsolete status. This can mislead users into relying on functionality that may be broken, unsupported, or pose a security risk.

Extended Description

Obsolete UI features are problematic because they create a mismatch between user expectations and system reality. Users might depend on these features for critical tasks, unaware that the underlying code may be unstable, removed from backend services, or no longer receiving security updates. This reliance can lead to unexpected errors, data loss, or expose attack surfaces that developers are no longer monitoring. To prevent this, development teams should implement a clear feature lifecycle within the UI. Actively deprecate old elements by adding visual warnings (like strikethrough text, 'Deprecated' badges, or tooltips) that inform users and guide them toward modern alternatives. Regularly audit the UI against backend API changes and establish a process for removing legacy features entirely after a communicated sunset period.
Common Consequences 1
Scope: Other

Impact: Quality DegradationVaries by Context
Potential Mitigations 1
Phase: Architecture and Design
Remove the obsolete feature from the UI. Warn the user that the feature is no longer supported.
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Modes of Introduction
Implementation
Related Weaknesses
ChildOf: UI Discrepancy for Security Feature (CWE-446)
Taxonomy Mapping
  • PLOVER