CWE-755
DiscouragedImproper Handling of Exceptional Conditions
Abstraction: Class · Status: Incomplete
The product does not handle or incorrectly handles an exceptional condition.
685 vulnerabilities reference this CWE, most recent first.
GHSA-RCM3-8WQ2-RCC2
Vulnerability from github – Published: 2024-06-06 18:30 – Updated: 2024-06-06 18:30mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input validation in several endpoints. An attacker can exploit these vulnerabilities to escalate privileges from a default user role to an admin role, read and delete arbitrary files on the system, and perform Server-Side Request Forgery (SSRF) attacks. The vulnerabilities are present in the /request-token, /workspace/:slug/thread/:threadSlug/update, /system/remove-logo, /system/logo, and collector's /process endpoints. These issues are due to the application's failure to properly validate user input before passing it to prisma functions and other critical operations. Affected versions include the latest version prior to 1.0.0.
{
"affected": [],
"aliases": [
"CVE-2024-3152"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-755",
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-06T18:15:17Z",
"severity": "HIGH"
},
"details": "mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input validation in several endpoints. An attacker can exploit these vulnerabilities to escalate privileges from a default user role to an admin role, read and delete arbitrary files on the system, and perform Server-Side Request Forgery (SSRF) attacks. The vulnerabilities are present in the `/request-token`, `/workspace/:slug/thread/:threadSlug/update`, `/system/remove-logo`, `/system/logo`, and collector\u0027s `/process` endpoints. These issues are due to the application\u0027s failure to properly validate user input before passing it to `prisma` functions and other critical operations. Affected versions include the latest version prior to 1.0.0.",
"id": "GHSA-rcm3-8wq2-rcc2",
"modified": "2024-06-06T18:30:57Z",
"published": "2024-06-06T18:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3152"
},
{
"type": "WEB",
"url": "https://github.com/mintplex-labs/anything-llm/commit/200bd7f0615347ed2efc07903d510e5a208b0afc"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/46034fa0-d623-49f8-8ee8-390390181373"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RCW6-69H3-89FH
Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2025-10-22 00:31smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
{
"affected": [],
"aliases": [
"CVE-2020-7247"
],
"database_specific": {
"cwe_ids": [
"CWE-252",
"CWE-755",
"CWE-78"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-29T16:15:00Z",
"severity": "HIGH"
},
"details": "smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the \"uncommented\" default configuration. The issue exists because of an incorrect return value upon failure of input validation.",
"id": "GHSA-rcw6-69h3-89fh",
"modified": "2025-10-22T00:31:50Z",
"published": "2022-05-24T17:07:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7247"
},
{
"type": "WEB",
"url": "https://github.com/openbsd/src/commit/9dcfda045474d8903224d175907bfc29761dcb45"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPH4QU4DNVHA7ACFXMYFCEP5PSXXPN4E"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPH4QU4DNVHA7ACFXMYFCEP5PSXXPN4E"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2020/Jan/51"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4268-1"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-7247"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4611"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/390745"
},
{
"type": "WEB",
"url": "https://www.openbsd.org/security.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/156137/OpenBSD-OpenSMTPD-Privilege-Escalation-Code-Execution.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/156145/OpenSMTPD-6.6.2-Remote-Code-Execution.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/156249/OpenSMTPD-MAIL-FROM-Remote-Code-Execution.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/156295/OpenSMTPD-6.6.1-Local-Privilege-Escalation.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/162093/OpenBSD-OpenSMTPD-6.6-Remote-Code-Execution.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2020/Jan/49"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/01/28/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RJ77-CP45-4Q8H
Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2022-05-24 17:35An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR Agent from starting when the software or machine is restarted. This issue impacts: Cortex XDR Agent 5.0 versions earlier than 5.0.10; Cortex XDR Agent 6.1 versions earlier than 6.1.7; Cortex XDR Agent 7.0 versions earlier than 7.0.3; Cortex XDR Agent 7.1 versions earlier than 7.1.2.
{
"affected": [],
"aliases": [
"CVE-2020-2020"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-09T18:15:00Z",
"severity": "MODERATE"
},
"details": "An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software\u0027s internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR Agent from starting when the software or machine is restarted. This issue impacts: Cortex XDR Agent 5.0 versions earlier than 5.0.10; Cortex XDR Agent 6.1 versions earlier than 6.1.7; Cortex XDR Agent 7.0 versions earlier than 7.0.3; Cortex XDR Agent 7.1 versions earlier than 7.1.2.",
"id": "GHSA-rj77-cp45-4q8h",
"modified": "2022-05-24T17:35:31Z",
"published": "2022-05-24T17:35:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2020"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2020-2020"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-RJ7R-7XGG-2MRC
Vulnerability from github – Published: 2022-05-24 17:30 – Updated: 2023-12-31 21:30An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.
{
"affected": [],
"aliases": [
"CVE-2020-16895"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-10-16T23:15:00Z",
"severity": "HIGH"
},
"details": "An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka \u0027Windows Error Reporting Manager Elevation of Privilege Vulnerability\u0027.",
"id": "GHSA-rj7r-7xgg-2mrc",
"modified": "2023-12-31T21:30:22Z",
"published": "2022-05-24T17:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16895"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16895"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RJJW-VJJ8-Q96X
Vulnerability from github – Published: 2024-02-21 15:30 – Updated: 2024-06-03 18:55In the Linux kernel, the following vulnerability has been resolved:
net: tls: handle backlogging of crypto requests
Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRESS in valid situations. For example, when the cryptd queue for AESNI is full (easy to trigger with an artificially low cryptd.cryptd_max_cpu_qlen), requests will be enqueued to the backlog but still processed. In that case, the async callback will also be called twice: first with err == -EINPROGRESS, which it seems we can just ignore, then with err == 0.
Compared to Sabrina's original patch this version uses the new tls_*crypt_async_wait() helpers and converts the EBUSY to EINPROGRESS to avoid having to modify all the error handling paths. The handling is identical.
{
"affected": [],
"aliases": [
"CVE-2024-26584"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-21T15:15:09Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: handle backlogging of crypto requests\n\nSince we\u0027re setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our\nrequests to the crypto API, crypto_aead_{encrypt,decrypt} can return\n -EBUSY instead of -EINPROGRESS in valid situations. For example, when\nthe cryptd queue for AESNI is full (easy to trigger with an\nartificially low cryptd.cryptd_max_cpu_qlen), requests will be enqueued\nto the backlog but still processed. In that case, the async callback\nwill also be called twice: first with err == -EINPROGRESS, which it\nseems we can just ignore, then with err == 0.\n\nCompared to Sabrina\u0027s original patch this version uses the new\ntls_*crypt_async_wait() helpers and converts the EBUSY to\nEINPROGRESS to avoid having to modify all the error handling\npaths. The handling is identical.",
"id": "GHSA-rjjw-vjj8-q96x",
"modified": "2024-06-03T18:55:49Z",
"published": "2024-02-21T15:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26584"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/13eca403876bbea3716e82cdfe6f1e6febb38754"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3ade391adc584f17b5570fd205de3ad029090368"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8590541473188741055d27b955db0777569438e3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/ab6397f072e5097f267abf5cb08a8004e6b17694"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cd1bbca03f3c1d845ce274c0d0a66de8e5929f72"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OX4EWCYDZRTOEMC2C6OF7ZACAP23SUB5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RQ2F-RGC6-GFH9
Vulnerability from github – Published: 2022-05-13 01:19 – Updated: 2022-05-13 01:19Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not handle errors thrown while constructing certain http requests. A remote authenticated user may construct malicious requests to cause the traffic controller to leave dangling TCP connections, which could cause denial of service.
{
"affected": [],
"aliases": [
"CVE-2018-1269"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-06T20:29:00Z",
"severity": "MODERATE"
},
"details": "Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not handle errors thrown while constructing certain http requests. A remote authenticated user may construct malicious requests to cause the traffic controller to leave dangling TCP connections, which could cause denial of service.",
"id": "GHSA-rq2f-rgc6-gfh9",
"modified": "2022-05-13T01:19:03Z",
"published": "2022-05-13T01:19:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1269"
},
{
"type": "WEB",
"url": "https://www.cloudfoundry.org/blog/cve-2018-1269"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RQG9-G4FR-3CFJ
Vulnerability from github – Published: 2022-03-25 00:00 – Updated: 2022-03-25 00:00NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity.
{
"affected": [],
"aliases": [
"CVE-2022-21820"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-24T17:15:00Z",
"severity": "MODERATE"
},
"details": "NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity.",
"id": "GHSA-rqg9-g4fr-3cfj",
"modified": "2022-03-25T00:00:33Z",
"published": "2022-03-25T00:00:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21820"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5328"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/167396/NVIDIA-Data-Center-GPU-Manager-Remote-Memory-Corruption.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-RQW4-WGG4-99M9
Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2024-01-23 18:31A user authorized to perform database queries may cause denial of service by issuing a specially crafted query which violates an invariant in the server selection subsystem. This issue affects: MongoDB Server version 4.4 prior to 4.4.1. Versions before 4.4 are not affected.
{
"affected": [],
"aliases": [
"CVE-2020-7926"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-11-23T15:15:00Z",
"severity": "MODERATE"
},
"details": "A user authorized to perform database queries may cause denial of service by issuing a specially crafted query which violates an invariant in the server selection subsystem. This issue affects: MongoDB Server version 4.4 prior to 4.4.1. Versions before 4.4 are not affected.",
"id": "GHSA-rqw4-wgg4-99m9",
"modified": "2024-01-23T18:31:08Z",
"published": "2022-05-24T17:34:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7926"
},
{
"type": "WEB",
"url": "https://jira.mongodb.org/browse/SERVER-50170"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RVXM-FXRP-Q47C
Vulnerability from github – Published: 2022-05-24 17:13 – Updated: 2022-10-22 12:00When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. This overflow condition in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) condition by coring the CFM daemon. Continued receipt of these packets may cause an extended Denial of Service condition. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D95 on SRX Series; 14.1X50 versions prior to 14.1X50-D145; 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R2; 15.1X49 versions prior to 15.1X49-D170 on SRX Series; 15.1X53 versions prior to 15.1X53-D67.
{
"affected": [],
"aliases": [
"CVE-2020-1639"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-08T20:15:00Z",
"severity": "MODERATE"
},
"details": "When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. This overflow condition in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) condition by coring the CFM daemon. Continued receipt of these packets may cause an extended Denial of Service condition. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D95 on SRX Series; 14.1X50 versions prior to 14.1X50-D145; 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R2; 15.1X49 versions prior to 15.1X49-D170 on SRX Series; 15.1X53 versions prior to 15.1X53-D67.",
"id": "GHSA-rvxm-fxrp-q47c",
"modified": "2022-10-22T12:00:29Z",
"published": "2022-05-24T17:13:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1639"
},
{
"type": "WEB",
"url": "https://kb.juniper.net"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-RXQ5-5W2F-G92R
Vulnerability from github – Published: 2025-01-09 18:32 – Updated: 2025-01-09 18:32An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a local, low-privileged authenticated attacker executing the 'show chassis environment pem' command to cause the chassis daemon (chassisd) to crash and restart, resulting in a temporary Denial of Service (DoS). However, repeated execution of this command will eventually cause the chassisd process to fail to restart, impacting packet processing on the system.
This issue affects Junos OS on SRX1500, SRX4100, SRX4200:
- All versions before 21.4R3-S9,
- from 22.2 before 22.2R3-S5,
- from 22.3 before 22.3R3-S4,
- from 22.4 before 22.4R3-S4,
- from 23.2 before 23.2R2-S3,
- from 23.4 before 23.4R2-S1.
{
"affected": [],
"aliases": [
"CVE-2025-21596"
],
"database_specific": {
"cwe_ids": [
"CWE-755"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-09T17:15:18Z",
"severity": "MODERATE"
},
"details": "An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a local, low-privileged authenticated attacker executing the \u0027show chassis environment pem\u0027 command to cause the chassis daemon (chassisd) to crash and restart, resulting in a temporary Denial of Service (DoS). However, repeated execution of this command will eventually cause the chassisd process to fail to restart, impacting packet processing on the system.\n\nThis issue affects Junos OS on SRX1500, SRX4100, SRX4200:\u00a0\n\n\n\n * All versions before 21.4R3-S9,\u00a0\n * from 22.2 before 22.2R3-S5,\u00a0\n * from 22.3 before 22.3R3-S4,\u00a0\n * from 22.4 before 22.4R3-S4,\u00a0\n * from 23.2 before 23.2R2-S3,\u00a0\n * from 23.4 before 23.4R2-S1.",
"id": "GHSA-rxq5-5w2f-g92r",
"modified": "2025-01-09T18:32:15Z",
"published": "2025-01-09T18:32:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21596"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/JSA92864"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:X/RE:M/U:X",
"type": "CVSS_V4"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.