Description
The code contains a member element that is declared as static (but not final), in which its parent class element is not a singleton class - that is, a class element that can be used only once in the 'to' association of a Create action.
Potential Impact
Other
Reduce Performance
Related Weaknesses
Taxonomy Mappings
- OMG ASCPEM: ASCPEM-PRF-3 —
Frequently Asked Questions
What is CWE-1042?
CWE-1042 (Static Member Data Element outside of a Singleton Class Element) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Variant-level weakness. The code contains a member element that is declared as static (but not final), in which its parent class element is not a singleton class - that is, a class element that can be used only on...
How can CWE-1042 be exploited?
Attackers can exploit CWE-1042 (Static Member Data Element outside of a Singleton Class Element) to reduce performance. This weakness is typically introduced during the Implementation phase of software development.
How do I prevent CWE-1042?
Follow secure coding practices, conduct code reviews, and use automated security testing tools (SAST/DAST) to detect this weakness early in the development lifecycle.
What is the severity of CWE-1042?
CWE-1042 is classified as a Variant-level weakness (Low-Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.