SFP Secondary Cluster: Unchecked Status Condition
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
This category identifies Software Fault Patterns (SFPs) within the Unchecked Status Condition cluster (SFP4).
The product detects a specific error, but takes no actions to handle the error.
The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the pro...
The product does not handle or incorrectly handles an exceptional condition.
The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may...
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
The product does not properly determine which state it is in, causing it to assume it is in state X when in fact it is in state Y, causing it to perform incorrect oper...
The product incorrectly checks a return value from a function, which prevents it from detecting errors or exceptional conditions.
The code does not have a default case in an expression with multiple conditions, such as a switch statement.
A handler is not available or implemented.
The product omits a break statement within a switch or similar construct, causing code associated with multiple conditions to execute. This can cause problems when the...
An exception is thrown from a function, but it is not caught.
The Servlet does not catch all exceptions, which may reveal sensitive debugging information.
[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to in...
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
The product does not properly check when a function or operation returns a value that is legitimate for the function, but is not expected by the product.
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs).