Home/CWEs/CWE info/

CWE-1110 - Incomplete Design Documentation

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: Incomplete Design Documentation

Description: The product's design documentation does not adequately describe control flow, data flow, system initialization, relationships between tasks, components, rationales, or other important aspects of the design.

Related Weaknesses: CWE-1059Insufficient Technical Documentation

Release Date:
2019-01-03

Latest Modification Date:
2024-02-29

Top Security News

SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation

Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025

Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More

Garmin GPS watches crashing, stuck in triangle 'reboot loop'

Cloudflare CDN flaw leaks user location data, even through secure chat apps

Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks

5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server

Top Alert List

Content Security Policy (CSP) Header Not Set

CSP

MediumMissing Anti-clickjacking Header

MediumAbsence of Anti-CSRF Tokens

InformationalInformation Disclosure - Suspicious Comments

MediumContent Security Policy (CSP) Header Not Set

InformationalModern Web Application

LowCross-Domain JavaScript Source File Inclusion

InformationalRe-examine Cache-control Directives

LowX-Content-Type-Options Header Missing

Top CVE List

CVE-2024-47575 Fortinet FortiManager Missing Authentication Vulnerability

CVE-2024-50603 Aviatrix Controllers OS Command Injection Vulnerability

CVE-2020-11023 JQuery Cross-Site Scripting (XSS) Vulnerability

CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability

CVE-2021-33045 Dahua IP Camera Authentication Bypass Vulnerability

CVE-2025-23006 SonicWall SMA1000 Appliances Deserialization Vulnerability

CVE-2022-34713 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

CVE-2024-20359 Cisco ASA and FTD Privilege Escalation Vulnerability

CVE-2024-43491 Microsoft Windows Update Use-After-Free Vulnerability

CVE-2024-55591 Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

Top CWE List

CWE-693 Protection Mechanism Failure

HighCWE-200 Exposure of Sensitive Information to an Unauthorized Actor

MediumCWE-352 Cross-Site Request Forgery (CSRF)

CWE-284 Improper Access Control

HighCWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-1021 Improper Restriction of Rendered UI Layers or Frames

CWE-1426 Improper Validation of Generative AI Output

CWE-304 Missing Critical Step in Authentication

CWE-1053 Missing Documentation for Design

CWE-307 Improper Restriction of Excessive Authentication Attempts

Free online web security scanner

Don't show website scan report rating on the leaderboard

CWE-1110 - Incomplete Design Documentation

The product's design documentation does not adequately describe control flow, data flow, system initialization, relationships between tasks, components, rationales, or other important aspects of the design.