CWE-1188 - Initialization of a Resource with an Insecure Default

  • Abstraction:Base
  • Structure:Simple
  • Status:Incomplete
  • Release Date:2019-06-20
  • Latest Modification Date:2025-12-11

Weakness Name

Initialization of a Resource with an Insecure Default

Description

The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

Common Consequences

Scope: Other

Impact: Varies by Context

Notes: The impact of insecure defaults varies widely depending on the functionality that the product controls.

Related Weaknesses

CWE-344Use of Invariant Value in Dynamically Changing Context

CWE-665Improper InitializationMedium

CWE-1419Incorrect Initialization of Resource