The product, by default, initializes an internal variable with an insecure or less secure value than is possible.
abstraction Variant
status Draft
The product initializes critical internal variables or data stores using inputs that can be modified by untrusted actors.
abstraction Base
status Draft
The product does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a format error or a hardware security module (HSM) cannot be activated, which can cause the product to execute in a less secure fashion than intended by the administrator.
abstraction Base
status Draft
The product does not initialize critical variables, which causes the execution environment to use unexpected values.
abstraction Variant
status Draft
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
abstraction Variant
status Draft
This weakness has been deprecated because its name and description did not match. The description duplicated CWE-454, while the name suggested a more abstract initialization problem. Please refer to CWE-665 for the more abstract problem.
abstraction Base
status Deprecated
The product does not properly "clean up" and remove temporary or supporting resources after they have been used.
abstraction Base
status Draft
The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.
abstraction Base
status Draft
Duplicate keys in associative lists can lead to non-unique keys being mistaken for an error.
abstraction Variant
status Incomplete
The accidental deletion of a data-structure sentinel can cause serious programming logic problems.
abstraction Base
status Incomplete
The accidental addition of a data-structure sentinel can cause serious programming logic problems.
abstraction Base
status Incomplete
A function can return a pointer to memory that is outside of the buffer that the pointer is expected to reference.
abstraction Base
status Draft
The code calls sizeof() on a pointer type, which can be an incorrect calculation if the programmer intended to determine the size of the data that is being pointed to.
abstraction Variant
status Draft
In C and C++, code may accidentally refer to the wrong memory because of the semantics of implicit scaling in pointer arithmetic.
abstraction Base
status Incomplete
The product subtracts one pointer from another in order to determine size, but this calculation can be incorrect if the pointers do not exist in the same memory chunk.
abstraction Base
status Draft
The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code.
abstraction Base
status Draft
The product does not properly protect an assumed-immutable element from being modified by an attacker.
abstraction Base
status Draft
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.
abstraction Base
status Draft
A PHP application does not properly protect against the modification of variables from external sources, such as query parameters or cookies. This can expose the application to numerous weaknesses that would not exist otherwise.
abstraction Variant
status Draft
The code uses a function that has inconsistent implementations across operating systems and versions.
abstraction Base
status Draft
The behavior of this function is undefined unless its control parameter is set to a specific value.
abstraction Base
status Incomplete
The product dereferences a pointer that it expects to be valid but is NULL.
abstraction Base
status Stable
The code uses deprecated or obsolete functions, which suggests that the code has not been actively reviewed or maintained.
abstraction Base
status Draft
The code does not have a default case in an expression with multiple conditions, such as a switch statement.
abstraction Base
status Draft
The product defines a signal handler that calls a non-reentrant function.
abstraction Variant
status Draft
The product accidentally uses the wrong operator, which changes the logic in security-relevant ways.
abstraction Base
status Draft
The code uses an operator for assignment when the intention was to perform a comparison.
abstraction Variant
status Draft
The code uses an operator for comparison when the intention was to perform an assignment.
abstraction Variant
status Draft
The code does not explicitly delimit a block that is intended to contain 2 or more statements, creating a logic error.
abstraction Base
status Draft
The product omits a break statement within a switch or similar construct, causing code associated with multiple conditions to execute. This can cause problems when the programmer only intended to execute code associated with one condition.
abstraction Base
status Draft
The product compares classes by name, which can cause it to use the wrong class when multiple classes can have the same name.
abstraction Variant
status Draft
Java packages are not inherently closed; therefore, relying on them for code security is not a good practice.
abstraction Base
status Incomplete
The product does not sufficiently enforce boundaries between the states of different sessions, causing data to be provided to, or used by, the wrong session.
abstraction Base
status Draft
The product is released with debugging code still enabled or active.
abstraction Base
status Draft
A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state.
abstraction Variant
status Draft
Inner classes are translated into classes that are accessible at package scope and may expose code that the programmer intended to keep private to attackers.
abstraction Variant
status Draft
The product has a critical public variable that is not final, which allows the variable to be modified to contain unexpected values.
abstraction Variant
status Draft
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
abstraction Base
status Draft
The product has a method that is declared public, but returns a reference to a private data structure, which could then be modified in unexpected ways.
abstraction Variant
status Draft
Assigning public data to a private array is equivalent to giving public access to the array.
abstraction Variant
status Incomplete
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.
abstraction Base
status Incomplete
The code contains a class with sensitive data, but the class is cloneable. The data can then be accessed by cloning the class.
abstraction Variant
status Draft
The code contains a class with sensitive data, but the class does not explicitly deny serialization. The data can be accessed by serializing the class through another class.
abstraction Variant
status Draft
An object contains a public static field that is not marked final, which might allow it to be modified in unexpected ways.
abstraction Variant
status Draft
The product mixes trusted and untrusted data in the same data structure or structured message.
abstraction Base
status Draft
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
abstraction Base
status Draft
The product contains code that appears to be malicious in nature.
abstraction Class
status Incomplete
The product appears to contain benign or useful functionality, but it also contains code that is hidden from normal operation that violates the intended security policy of the user or the system administrator.
abstraction Base
status Incomplete
Non-replicating malicious code only resides on the target system or product that is attacked; it does not attempt to spread to other systems.
abstraction Base
status Incomplete
Replicating malicious code, including viruses and worms, will attempt to attack other systems once it has successfully compromised the target system or the product.
abstraction Base
status Incomplete
A trapdoor is a hidden piece of code that responds to a special input, allowing its user access to resources without passing through the normal security enforcement mechanism.
abstraction Base
status Incomplete
The product contains code that is designed to disrupt the legitimate operation of the product (or its environment) when a certain time passes, or when a certain logical condition is met.
abstraction Base
status Incomplete
The product collects personally identifiable information about a human user or the user's activities, but the product accesses this information using other resources besides itself, and it does not require that user's explicit approval or direct input into the product.
abstraction Base
status Incomplete
A covert channel is a path that can be used to transfer information in a way not intended by the system's designers.
abstraction Class
status Incomplete
A covert storage channel transfers information through the setting of bits by one program and the reading of those bits by another. What distinguishes this case from that of ordinary operation is that the bits are used to convey encoded information.
abstraction Base
status Incomplete
This weakness can be found at CWE-385.
abstraction Base
status Deprecated
Allowing a .NET application to run at potentially escalated levels of access to the underlying operating and file systems can be dangerous and result in various forms of attacks.
abstraction Variant
status Incomplete
The product does not require that users should have strong passwords.
abstraction Base
status Draft
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
abstraction Class
status Incomplete
Login pages do not use adequate measures to protect the user name and password while they are in transit from the client to the server.
abstraction Base
status Incomplete
The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere.
abstraction Base
status Incomplete
The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.
abstraction Variant
status Incomplete
The product uses an environment variable to store unencrypted sensitive information.
abstraction Variant
status Incomplete
The product stores a CVS, git, or other repository in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
abstraction Variant
status Incomplete
The product generates a core dump file in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
abstraction Variant
status Draft
The product stores access control list files in a directory or other container that is accessible to actors outside of the intended control sphere.
abstraction Variant
status Incomplete
A backup file is stored in a directory or archive that is made accessible to unauthorized actors.
abstraction Variant
status Incomplete
Accessible test applications can pose a variety of security risks. Since developers or administrators rarely consider that someone besides themselves would even know about the existence of these applications, it is common for them to contain sensitive information or functions.
abstraction Variant
status Incomplete
The product writes sensitive information to a log file.
abstraction Base
status Incomplete
This entry has been deprecated because its abstraction was too low-level. See CWE-532.
abstraction Variant
status Deprecated
This entry has been deprecated because its abstraction was too low-level. See CWE-532.
abstraction Variant
status Deprecated
A command shell error message indicates that there exists an unhandled exception in the web application code. In many cases, an attacker can leverage the conditions that cause these errors in order to gain unauthorized access to the system.
abstraction Variant
status Incomplete
A servlet error message indicates that there exists an unhandled exception in the web application code and may provide useful information to an attacker.
abstraction Variant
status Incomplete
In many cases, an attacker can leverage the conditions that cause unhandled exception errors in order to gain unauthorized access to the system.
abstraction Variant
status Incomplete
The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.
abstraction Base
status Draft
The web application uses persistent cookies, but the cookies contain sensitive information.
abstraction Variant
status Incomplete
Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.
abstraction Base
status Incomplete
If an include file source is accessible, the file can contain usernames and passwords, as well as sensitive information pertaining to the application and system.
abstraction Variant
status Incomplete
This entry has been deprecated because its abstraction was too low-level. See CWE-532.
abstraction Variant
status Deprecated
The product uses the singleton pattern when creating a resource within a multithreaded environment.
abstraction Variant
status Incomplete