CWE-1106: Insufficient Use of Symbolic Constants
The source code uses literal constants that may need to change or evolve over time, instead of using symbolic constants.
Last updated
Overview
CWE-1106 (Insufficient Use of Symbolic Constants) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
1 recorded CVEs are caused by CWE-1106 (Insufficient Use of Symbolic Constants). The highest-severity and most recent are shown first.
Common consequences
What can happen when CWE-1106 is exploited.
Reduce Maintainability, Increase Analytical Complexity
Affects: Other
This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.