The product does not handle or incorrectly handles when a particular structural element is not completely specified.

What are the consequences of CWE-238?

Exploiting CWE-238 can lead to: Unexpected State.

CWE-238: Improper Handling of Incomplete Structural Elements

Overview

CWE-238 (Improper Handling of Incomplete Structural Elements) is a variant-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

Common consequences

What can happen when CWE-238 is exploited.

Unexpected State

Affects: Integrity

How it happens

When it is introduced

Typically introduced during these phases of the software lifecycle.

Implementation

How this weakness relates to others in the CWE hierarchy.

Parent

CWE-237: Improper Handling of Structural Elements

Terminology & mappings

Mapped taxonomies

PLOVER: Missing Element Error

CWE-238: Improper Handling of Incomplete Structural Elements

Overview

Common consequences

How it happens

When it is introduced

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-238?

What are the consequences of CWE-238?

References

Stay ahead of CWE-238

Overview

Common consequences

How it happens

When it is introduced

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-238?

What are the consequences of CWE-238?

References

Stay ahead of CWE-238