Description
A class has an inheritance level that is too high, i.e., it has a large number of parent classes.
While the interpretation of "large number of parent classes" may vary for each product or developer, CISQ recommends a default maximum of 7 parent classes.
Potential Impact
Other
Reduce Maintainability, Increase Analytical Complexity
Related Weaknesses
Taxonomy Mappings
- OMG ASCMM: ASCMM-MNT-17 —
Frequently Asked Questions
What is CWE-1074?
CWE-1074 (Class with Excessively Deep Inheritance) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. A class has an inheritance level that is too high, i.e., it has a large number of parent classes.
How can CWE-1074 be exploited?
Attackers can exploit CWE-1074 (Class with Excessively Deep Inheritance) to reduce maintainability, increase analytical complexity. This weakness is typically introduced during the Implementation phase of software development.
How do I prevent CWE-1074?
Follow secure coding practices, conduct code reviews, and use automated security testing tools (SAST/DAST) to detect this weakness early in the development lifecycle.
What is the severity of CWE-1074?
CWE-1074 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.