CWE-456β€”Missing Initialization of a Variable

PUBLISHEDweakness record
released 2006-07-19 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-456
Abstraction:
Variant
Structure:
Simple
Status:
Draft
Release Date:
2006-07-19
Latest Modification Date:
2025-12-11

Weakness Name

Missing Initialization of a Variable

Description

The product does not initialize critical variables, which causes the execution environment to use unexpected values.

Common Consequences

Scope:
Integrity, Other
Impact:
Unexpected State, Quality Degradation, Varies by Context
Notes:
The uninitialized data may be invalid, causing logic errors within the program. In some cases, this could result in a security problem.

Related Weaknesses