CWE-382 - J2EE Bad Practices: Use of System.exit()
- Abstraction:Variant
- Structure:Simple
- Status:Draft
- Release Date:2006-07-19
- Latest Modification Date:2024-02-29
Weakness Name
J2EE Bad Practices: Use of System.exit()
Description
A J2EE application uses System.exit(), which also shuts down its container.
It is never a good idea for a web application to attempt to shut down the application container. Access to a function that can shut down the application is an avenue for Denial of Service (DoS) attacks.
Common Consequences
Scope: Availability
Impact: DoS: Crash, Exit, or Restart