CWE-456βMissing Initialization of a Variable
PUBLISHEDweakness record
released 2006-07-19 Β· last modified 2025-12-11
Metadata
- CWE ID:
- CWE-456
- Abstraction:
- Variant
- Structure:
- Simple
- Status:
- Draft
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2025-12-11
Weakness Name
Missing Initialization of a Variable
Description
The product does not initialize critical variables, which causes the execution environment to use unexpected values.
Common Consequences
- Scope:
- Integrity, Other
- Impact:
- Unexpected State, Quality Degradation, Varies by Context
- Notes:
- The uninitialized data may be invalid, causing logic errors within the program. In some cases, this could result in a security problem.