logo
Home/CWEs/CWE-382/

CWE-382 - J2EE Bad Practices: Use of System.exit()

  • Abstraction:Variant
  • Structure:Simple
  • Status:Draft
  • Release Date:2006-07-19
  • Latest Modification Date:2024-02-29

Weakness Name

J2EE Bad Practices: Use of System.exit()

Description

A J2EE application uses System.exit(), which also shuts down its container.

It is never a good idea for a web application to attempt to shut down the application container. Access to a function that can shut down the application is an avenue for Denial of Service (DoS) attacks.

Common Consequences

Scope: Availability

Impact: DoS: Crash, Exit, or Restart

Related Weaknesses

CWE-705Incorrect Control Flow Scoping