CWE-453 - Insecure Default Variable Initialization

CWE-453

Abstraction:
Variant

Structure:
Simple

Status:
Draft

Weakness Name: Insecure Default Variable Initialization

Description: The product, by default, initializes an internal variable with an insecure or less secure value than is possible.

Common Consequences: Scope: Integrity
Impact: Modify Application Data
Notes: An attacker could gain access to and modify sensitive data or system information.

Related Weaknesses: CWE-1188Initialization of a Resource with an Insecure Default

Release Date:
2006-07-19

Latest Modification Date:
2023-10-26

Free security scan for your website

Don't show website scan report rating on the leaderboard