Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
CWE-391 Base Incompleto
Unchecked Error Condition
This vulnerability occurs when a program fails to properly check or handle error conditions, such as exceptions or return codes. By ignoring these failures, the software can enter an unexpected…
Definición
What is CWE-391?
This vulnerability occurs when a program fails to properly check or handle error conditions, such as exceptions or return codes. By ignoring these failures, the software can enter an unexpected state that attackers might exploit, often without any logging or user notification.
When your code doesn't check for errors—like a failed file operation, a null pointer, or a network timeout—it continues executing as if nothing went wrong. This creates a gap between what the program assumes is true (e.g., 'the data was loaded') and reality (e.g., 'the variable is empty'), leading to crashes, data corruption, or security bypasses. Attackers can deliberately trigger these ignored errors to destabilize your application or reveal sensitive information.
To prevent this, always implement robust error handling. Check return values from functions, use try-catch blocks for exceptions, and validate system call outcomes. Log all caught errors with sufficient context for debugging, and decide on safe failure modes—like rolling back transactions or terminating the session—instead of silently proceeding. This defensive practice closes a common attack vector and makes your software more resilient and observable in production.
Impacto en el mundo real
Real-world CVEs caused by CWE-391
Todavía no hay CVEs públicos enlazados a esta CWE en el catálogo de MITRE.
Cómo lo explotan los atacantes
Ruta del atacante paso a paso
- 1
Identifica una ruta de código que maneje entrada no confiable sin validación.
- 2
Crea un payload que ejercite el comportamiento inseguro — inyección, traversal, overflow o abuso de lógica.
- 3
Envía el payload a través de una solicitud normal y observa la reacción de la aplicación.
- 4
Itera hasta que la respuesta filtre datos, ejecute código del atacante o escale privilegios.
Ejemplo de código vulnerable
Vulnerable Java
The following code excerpt ignores a rarely-thrown exception from doExchange().
try {
doExchange();
}
catch (RareException e) {
```
// this can never happen*
} Ejemplo de código seguro
Secure pseudo
// Validate, sanitize, or use a safe API before reaching the sink.
function handleRequest(input) {
const safe = validateAndEscape(input);
return executeWithGuards(safe);
} What changed: the unsafe sink is replaced (or the input is validated/escaped) so the same payload no longer triggers the weakness.
Lista de prevención
How to prevent CWE-391
- Requirements The choice between a language which has named or unnamed exceptions needs to be done. While unnamed exceptions exacerbate the chance of not properly dealing with an exception, named exceptions suffer from the up call version of the weak base class problem.
- Requirements A language can be used which requires, at compile time, to catch all serious exceptions. However, one must make sure to use the most current version of the API as new exceptions could be added.
- Implementation Catch all relevant exceptions. This is the recommended solution. Ensure that all exceptions are handled in such a way that you can be sure of the state of your system at any given moment.
Señales de detección
How to detect CWE-391
Plexicus detecta automáticamente CWE-391 y abre un PR de corrección en menos de 60 segundos.
Codex Remedium escanea cada commit, identifica esta debilidad concreta y entrega un pull request listo para revisión con el parche. Sin tickets. Sin traspasos.
Preguntas frecuentes ¿Qué es CWE-391?
¿Qué gravedad tiene CWE-391?
¿Qué lenguajes o plataformas se ven afectados por CWE-391?
¿Cómo puedo prevenir CWE-391?
¿Cómo detecta y corrige Plexicus CWE-391?
¿Dónde puedo aprender más sobre CWE-391?
Frequently asked questions
¿Qué es CWE-391?
This vulnerability occurs when a program fails to properly check or handle error conditions, such as exceptions or return codes. By ignoring these failures, the software can enter an unexpected state that attackers might exploit, often without any logging or user notification.
¿Qué gravedad tiene CWE-391?
MITRE califica la probabilidad de explotación como Media — la explotación es realista pero suele requerir condiciones específicas.
¿Qué lenguajes o plataformas se ven afectados por CWE-391?
MITRE no ha especificado plataformas afectadas para esta CWE — puede aplicar a la mayoría de los stacks de aplicaciones.
¿Cómo puedo prevenir CWE-391?
The choice between a language which has named or unnamed exceptions needs to be done. While unnamed exceptions exacerbate the chance of not properly dealing with an exception, named exceptions suffer from the up call version of the weak base class problem. A language can be used which requires, at compile time, to catch all serious exceptions. However, one must make sure to use the most current version of the API as new exceptions could be added.
¿Cómo detecta y corrige Plexicus CWE-391?
El motor SAST de Plexicus detecta la firma de flujo de datos para CWE-391 en cada commit. Cuando hay coincidencia, nuestro agente Codex Remedium abre un PR de corrección con el código corregido, las pruebas y un resumen de una línea para el revisor.
¿Dónde puedo aprender más sobre CWE-391?
MITRE publica la definición canónica en https://cwe.mitre.org/data/definitions/391.html. También puedes consultar la documentación de OWASP y NIST para guías relacionadas.
Debilidades relacionadas
Weaknesses related to CWE-391
CWE-754 Padre
Improper Check for Unusual or Exceptional Conditions
This weakness occurs when software fails to properly anticipate and handle rare or unexpected runtime situations that fall outside normal…
CWE-252 Hermano
Unchecked Return Value
This vulnerability occurs when a program fails to verify the result of a function or method call, allowing it to continue execution…
CWE-253 Hermano
Incorrect Check of Function Return Value
This vulnerability occurs when a program misinterprets or improperly validates the return value from a function, causing it to miss…
CWE-273 Hermano
Improper Check for Dropped Privileges
This vulnerability occurs when an application tries to lower its system privileges but fails to verify that the operation was successful.
CWE-354 Hermano
Improper Validation of Integrity Check Value
This vulnerability occurs when software fails to properly check the integrity of data by validating its checksum or hash value. Without…
CWE-394 Hermano
Unexpected Status Code or Return Value
This vulnerability occurs when software fails to properly validate the full range of possible return values from a function or system…
CWE-476 Hermano
NULL Pointer Dereference
This vulnerability occurs when a program attempts to access or manipulate memory using a pointer that is set to NULL, causing a crash or…
Listo cuando tú lo estés
Deja de pagar por desarrollador.
Empieza a cerrar el bucle.
Plexicus es el ASPM nativo de IA que escanea, filtra, corrige, pentestea y explica — de forma autónoma. Desarrolladores ilimitados, repos ilimitados, acciones de IA de uso justo. Nivel gratuito real, €269/mo anual cuando estés listo.