CWE-455: Non-exit on Failed Initialization

low-risk

The product does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a format error or a hardware security module (HSM) cannot be activated, which can cause the product to execute in a less secure fashion than intended by the administrator.

Abstraction: Base

Common Consequences

Integrity Modify Application Data

Real-World Examples (1)

CVE CVSS EPSS KEV
CVE-2022-4662 5.5 0.0%
0
/ 100
low-risk
Active Threat 0/50 · Minimal
Exploit Availability 0/50 · Minimal