CWE-453 - Insecure Default Variable Initialization
- Abstraction:Variant
- Structure:Simple
- Status:Draft
- Release Date:2006-07-19
- Latest Modification Date:2023-10-26
Weakness Name
Insecure Default Variable Initialization
Description
The product, by default, initializes an internal variable with an insecure or less secure value than is possible.
Common Consequences
Scope: Integrity
Impact: Modify Application Data
Notes: An attacker could gain access to and modify sensitive data or system information.
Related Weaknesses
CWE-1188Initialization of a Resource with an Insecure Default