CWE-1188

Initialization of a Resource with an Insecure Default

Base
Incomplete

Description

The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

Common Consequences

Scope: Other

Impact: Varies by Context

CVE-2022-36349

Insecure default variable initialization in BIOS firmware for a hardware board allows DoS.

CVE-2022-42467

A generic database browser interface has a default mode that exposes a web server to the network, allowing queries to the database.

Applicable Platforms

Not Language-Specific
