CWE-1064: Invokable Control Element with Signature Containing an Excessive Number of Parameters

Description

The product contains a function, subroutine, or method whose signature has an unnecessarily large number of parameters/arguments.

Extended Description

This issue makes it more difficult to understand and/or maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities. While the interpretation of "large number of parameters." may vary for each product or developer, CISQ recommends a default maximum of 7 parameters/arguments.

ThreatScore

Threat Mapped score: 0.0

Industry: Finiancial

Threat priority: Unclassified

Observed Examples (CVEs)

No observed examples available.

Related Attack Patterns (CAPEC)

N/A

Attack TTPs

N/A

Modes of Introduction

Phase	Note
None listed.

Common Consequences

Impact: Reduce Maintainability — Notes:

Potential Mitigations

None listed.

Applicable Platforms

None listed.

Demonstrative Examples

N/A

Notes

No notes available.

← Back to CWE list