Description
The documentation does not sufficiently describe the techniques that are used for error handling, exception processing, or similar mechanisms.
Documentation may need to cover error handling techniques at multiple layers, such as module, executable, compilable code unit, or callable.
Potential Impact
Other
Reduce Maintainability
Related Weaknesses
Frequently Asked Questions
What is CWE-1118?
CWE-1118 (Insufficient Documentation of Error Handling Techniques) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The documentation does not sufficiently describe the techniques that are used for error handling, exception processing, or similar mechanisms.
How can CWE-1118 be exploited?
Attackers can exploit CWE-1118 (Insufficient Documentation of Error Handling Techniques) to reduce maintainability. This weakness is typically introduced during the Documentation phase of software development.
How do I prevent CWE-1118?
Follow secure coding practices, conduct code reviews, and use automated security testing tools (SAST/DAST) to detect this weakness early in the development lifecycle.
What is the severity of CWE-1118?
CWE-1118 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.