CWE-758

Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

Class

What it is

The product uses an API function, data structure, or other entity in a way that relies on properties that are not always guaranteed to hold for that entity.

This can lead to resultant weaknesses when the required properties change, such as when the product is ported to a different platform or if an interaction error (CWE-435) occurs.

Impact

Other

Reduce Maintainability, Unexpected State, Quality Degradation

Real-world CVE examples

CVE-2006-1902 — Change in C compiler behavior causes resultant buffer overflows in programs that depend on behaviors that were undefined in the C standard.

Related weaknesses

CWE-710 (childof)

Test & detect

Browse all common weaknesses, check related exploited CVEs, or map to ATT&CK techniques.

Source: MITRE CWE. View on cwe.mitre.org →