CWE-1043: Data Element Aggregating an Excessively Large Number of Non-Primitive Elements

ID CWE-1043

Abstraction Base

Structure Simple

Status Incomplete

The product uses a data element that has an excessively large number of sub-elements with non-primitive data types such as structures or aggregated objects.

This issue can make the product perform more slowly. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.

While the interpretation of "excessively large" may vary for each product or developer, CISQ recommends a default of 5 sub-elements.

Relationships

View			Weakness
# ID	View	Status	# ID	Name	Abstraction	Structure	Status
CWE-1000	Research Concepts	Draft	CWE-1093	Excessively Complex Data Representation	Class	Simple	Incomplete