Initialization and Cleanup Errors

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category occur in behaviors that are used for initialization and breakdown.

Weaknesses

Excessive Use of Hard-Coded Literals in Initialization

The product initializes a data element using a hard-coded literal that is not a simple integer or static constant element.

External Initialization of Trusted Variables or Data Stores

The product initializes critical internal variables or data stores using inputs that can be modified by untrusted actors.

Improper Removal of Sensitive Information Before Storage or Transfer

The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the ...

Incomplete Cleanup

The product does not properly "clean up" and remove temporary or supporting resources after they have been used.

Initialization with Hard-Coded Network Resource Configuration Data

The product initializes data using hard-coded values that act as network resource identifiers.

Insecure Default Initialization of Resource

The product initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.

Non-exit on Failed Initialization

The product does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a format e...

Concepts

Software Development

This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development l...


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.