CWE•Base•Draft•5 recent CVEs
CWE-1320Improper Protection for Outbound Error Messages and Alert Signals
Description
Untrusted agents can disable alerts about signal conditions exceeding limits or the response mechanism that handles such alerts.
[object Object]
Common consequences
- Availability→DoS: Instability,DoS: Crash, Exit, or Restart,Reduce Reliability,Unexpected State
Potential mitigations
- Architecture and DesignAlert signals generated by critical events should be protected from access by untrusted agents. Only hardware or trusted firmware modules should be able to alter the alert configuration.