CWE-1038 - Insecure Automated Optimizations
- Abstraction:Class
- Structure:Simple
- Status:Draft
- Release Date:2018-03-29
- Latest Modification Date:2023-10-26
Weakness Name
Insecure Automated Optimizations
Description
The product uses a mechanism that automatically optimizes code, e.g. to improve a characteristic such as performance, but the optimizations can have an unintended side effect that might violate an intended security assumption.
Common Consequences
Scope: Integrity
Impact: Alter Execution Logic
Notes: The optimizations alter the order of execution resulting in side effects that were not intended by the original developer.
Related Weaknesses
CWE-435Improper Interaction Between Multiple Correctly-Behaving Entities
CWE-758Reliance on Undefined, Unspecified, or Implementation-Defined Behavior