1. Home
  2. CWE Database
  3. CWE-1044
Base · Medium

CWE-1044: Architecture with Number of Horizontal Layers Outside of Expected Range

The product's architecture contains too many - or too few - horizontal layers.

CWE-1044 · Base Level

Description

The product's architecture contains too many - or too few - horizontal layers.

While the interpretation of "expected range" may vary for each product or developer, CISQ recommends a default minimum of 4 layers and maximum of 8 layers.

Potential Impact

Other

Reduce Maintainability

CWE-710: Improper Adherence to Coding Standards

The product does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the...

Taxonomy Mappings

  • OMG ASCMM: ASCMM-MNT-9 —

Frequently Asked Questions

What is CWE-1044?

CWE-1044 (Architecture with Number of Horizontal Layers Outside of Expected Range) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The product's architecture contains too many - or too few - horizontal layers.

How can CWE-1044 be exploited?

Attackers can exploit CWE-1044 (Architecture with Number of Horizontal Layers Outside of Expected Range) to reduce maintainability. This weakness is typically introduced during the Architecture and Design phase of software development.

How do I prevent CWE-1044?

Follow secure coding practices, conduct code reviews, and use automated security testing tools (SAST/DAST) to detect this weakness early in the development lifecycle.

What is the severity of CWE-1044?

CWE-1044 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.