CWE-455 - Non-exit on Failed Initialization
CWE-455
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Non-exit on Failed Initialization
- Description
The product does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a format error or a hardware security module (HSM) cannot be activated, which can cause the product to execute in a less secure fashion than intended by the administrator.
- Common Consequences
Scope: Integrity, Other
Impact: Modify Application Data, Alter Execution Logic
Notes: The application could be placed in an insecure state that may allow an attacker to modify sensitive data or allow unintended logic to be executed.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website