CWE-1051: Initialization with Hard-Coded Network Resource Configuration Data

BaseIncomplete

The product initializes data using hard-coded values that act as network resource identifiers.

Extended Description

This issue can prevent the product from running reliably, e.g. if it runs in an environment does not use the hard-coded network resource identifiers. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.

Technical Details

Structure: Simple

Applicable To

Languages

Platforms

Frequently Asked Questions

What is CWE-1051: Initialization with Hard-Coded Network Resource Configuration Data?+

CWE-1051: Initialization with Hard-Coded Network Resource Configuration Data is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product initializes data using hard-coded values that act as network resource identifiers. This issue can prevent the product from running reliably, e.g. if it runs in an environment does not use the hard-coded network resource identifiers. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.

What are the security consequences of Initialization with Hard-Coded Network Resource Configuration Data?+

If exploited, CWE-1051 (Initialization with Hard-Coded Network Resource Configuration Data) it can compromise Other, leading to outcomes such as Reduce Reliability.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-1051 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.