Description
The product uses a large data table that contains an excessively large number of indices.
While the interpretation of "large data table" and "excessively large number of indices" may vary for each product or developer, CISQ recommends a default threshold of 1000000 rows for a "large" table and a default threshold of 3 indices.
Potential Impact
Other
Reduce Performance
Related Weaknesses
Taxonomy Mappings
- OMG ASCPEM: ASCPEM-PRF-6 —
Frequently Asked Questions
What is CWE-1089?
CWE-1089 (Large Data Table with Excessive Number of Indices) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The product uses a large data table that contains an excessively large number of indices.
How can CWE-1089 be exploited?
Attackers can exploit CWE-1089 (Large Data Table with Excessive Number of Indices) to reduce performance. This weakness is typically introduced during the Implementation phase of software development.
How do I prevent CWE-1089?
Follow secure coding practices, conduct code reviews, and use automated security testing tools (SAST/DAST) to detect this weakness early in the development lifecycle.
What is the severity of CWE-1089?
CWE-1089 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.