Tag Archives: CWE- 232

CWE-232 – Improper Handling of Undefined Values

Read Time:17 Second

Description

The software does not handle or incorrectly handles when a value is not defined or supported for the associated parameter, field, or argument name.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-229

 

Consequences

Integrity: Unexpected State

 

Potential Mitigations

CVE References

  • CVE-2000-1003
    • Client crash when server returns unknown driver type.