Description
This category represents one of the phyla in the Seven Pernicious
Kingdoms vulnerability classification. It includes weaknesses that occur
when an application does not properly handle errors that occur during
processing. According to the authors of the Seven Pernicious Kingdoms,
"Errors and error handling represent a class of API. Errors related to
error handling are so common that they deserve a special kingdom of
their own. As with 'API Abuse,' there are two ways to introduce an
error-related security vulnerability: the most common one is handling
errors poorly (or not at all). The second is producing errors that
either give out too much information (to possible attackers) or are
difficult to handle."
Latest vulnerabilities for CWE-388
References
Description of CWE-388 on Mitre website