Variant weakness

Draft

CWE-382: J2EE Bad Practices: Use of System.exit()

A J2EE application uses System.exit(), which also shuts down its container.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Variant

Abstraction

MITRE classification

Overview

It is never a good idea for a web application to attempt to shut down the application container. Access to a function that can shut down the application is an avenue for Denial of Service (DoS) attacks.

Common consequences

What can happen when CWE-382 is exploited.

CWE-382: J2EE Bad Practices: Use of System.exit()

Overview

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

How to detect it

Automated Static Analysis

Code examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-382?

Is CWE-382 part of the OWASP Top 10?

How do you prevent CWE-382?

How is CWE-382 detected?

What are the consequences of CWE-382?

References

Stay ahead of CWE-382

Overview

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

How to detect it

Automated Static Analysis

Code examples

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-382?

Is CWE-382 part of the OWASP Top 10?

How do you prevent CWE-382?

How is CWE-382 detected?

What are the consequences of CWE-382?

References

Stay ahead of CWE-382