Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-1120:Excessive Code Complexity
Weakness ID:1120
Version:v4.17
Weakness Name:Excessive Code Complexity
Vulnerability Mapping:Allowed-with-Review
Abstraction:Class
Structure:Simple
Status:Incomplete
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
▼Description

The code is too complex, as calculated using a well-defined, quantitative measure.

▼Extended Description

This issue makes it more difficult to understand and/or maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.

This issue can make the product perform more slowly. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.

▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
NatureMappingTypeIDName
ChildOfDiscouragedP710Improper Adherence to Coding Standards
ParentOfProhibitedB1056Invokable Control Element with Variadic Parameters
ParentOfProhibitedB1095Loop Condition Value Update within the Loop
ParentOfProhibitedB1060Excessive Number of Inefficient Server-Side Data Accesses
ParentOfAllowedB1075Unconditional Control Flow Transfer outside of Switch Block
ParentOfProhibitedB1064Invokable Control Element with Signature Containing an Excessive Number of Parameters
ParentOfProhibitedB1047Modules with Circular Dependencies
ParentOfProhibitedB1080Source Code File with Excessive Number of Lines of Code
ParentOfProhibitedB1119Excessive Use of Unconditional Branching
ParentOfProhibitedB1121Excessive McCabe Cyclomatic Complexity
ParentOfProhibitedB1122Excessive Halstead Complexity
ParentOfAllowedB1123Excessive Use of Self-Modifying Code
ParentOfProhibitedB1124Excessively Deep Nesting
ParentOfProhibitedB1125Excessive Attack Surface
Nature: ChildOf
Mapping: Discouraged
Type: Pillar
ID: 710
Name: Improper Adherence to Coding Standards
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1056
Name: Invokable Control Element with Variadic Parameters
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1095
Name: Loop Condition Value Update within the Loop
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1060
Name: Excessive Number of Inefficient Server-Side Data Accesses
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 1075
Name: Unconditional Control Flow Transfer outside of Switch Block
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1064
Name: Invokable Control Element with Signature Containing an Excessive Number of Parameters
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1047
Name: Modules with Circular Dependencies
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1080
Name: Source Code File with Excessive Number of Lines of Code
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1119
Name: Excessive Use of Unconditional Branching
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1121
Name: Excessive McCabe Cyclomatic Complexity
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1122
Name: Excessive Halstead Complexity
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 1123
Name: Excessive Use of Self-Modifying Code
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1124
Name: Excessively Deep Nesting
Nature: ParentOf
Mapping: Prohibited
Type: Base
ID: 1125
Name: Excessive Attack Surface
▼Memberships
NatureMappingTypeIDName
MemberOfProhibitedC1412Comprehensive Categorization: Poor Coding Practices
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1412
Name: Comprehensive Categorization: Poor Coding Practices
▼Tags
NatureMappingTypeIDName
MemberOfProhibitedBSBOSS-310Reduce Maintainability (impact)
MemberOfProhibitedBSBOSS-313Reduce Performance (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-310
Name: Reduce Maintainability (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-313
Name: Reduce Performance (impact)
▼Relevant To View
▼Background Detail

▼Common Consequences
ScopeLikelihoodImpactNote
OtherN/AReduce Maintainability
N/A
OtherN/AReduce Performance
N/A
Scope: Other
Likelihood: N/A
Impact: Reduce Maintainability
Note:
N/A
Scope: Other
Likelihood: N/A
Impact: Reduce Performance
Note:
N/A
▼Potential Mitigations
▼Modes Of Introduction
▼Applicable Platforms
▼Demonstrative Examples
▼Observed Examples
ReferenceDescription
▼Affected Resources
    ▼Functional Areas
      ▼Weakness Ordinalities
      OrdinalityDescription
      Indirect
      N/A
      Ordinality: Indirect
      Description:
      N/A
      ▼Detection Methods
      ▼Vulnerability Mapping Notes
      Usage:Allowed-with-Review
      Reason:Abstraction
      Rationale:

      This CWE entry is a Class and might have Base-level children that would be more appropriate

      Comments:

      Examine children of this entry to see if there is a better fit

      Suggestions:
      ▼Notes
      ▼Taxonomy Mappings
      Taxonomy NameEntry IDFitEntry Name
      ▼Related Attack Patterns
      IDName
      ▼References
      Details not found