CWE-248 - Uncaught Exception

CWE-248

Abstraction:
Base

Structure:
Simple

Status:
Draft

Weakness Name: Uncaught Exception

Description: An exception is thrown from a function, but it is not caught.
When an exception is not caught, it may cause the program to crash or expose sensitive information.

Common Consequences: Scope: Availability, Confidentiality
Impact: DoS: Crash, Exit, or Restart, Read Application Data
Notes: An uncaught exception could cause the system to be placed in a state that could lead to a crash, exposure of sensitive information or other unintended behaviors.

Related Weaknesses

CWE-703Improper Check or Handling of Exceptional Conditions

CWE-705Incorrect Control Flow Scoping

CWE-755Improper Handling of Exceptional ConditionsMedium

Release Date:
2006-07-19

Latest Modification Date:
2024-02-29

Free security scan for your website

Don't show website scan report rating on the leaderboard