CUI

Documentation - V-222656

V-222656

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The application must not be subject to error handling vulnerabilities.

Description

Error handling is the failure to check the return values of functions or catch top level exceptions within a program. Improper error handling in an application can lead to an application failure or possibly result in the application entering an insecure state. The primary way to detect error handling vulnerabilities is to perform code reviews. If a manual code review cannot be performed, static code analysis tools should be employed in conjunction with tests to help force the e...

Fix Text (Documentation Requirement)

Ensure proper return code and exception handling is implemented throughout the application.
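
An added example, not part of the STIG text: a hypothetical Python authorization check in which an unchecked status code and a swallowed exception leave the application in an insecure (fail-open) state, shown beside a fail-closed version with a top-level handler. `lookup_role`, `PolicyStoreError`, the status-code convention and the `STORE` data are assumptions constructed for illustration.

```python
import logging

log = logging.getLogger("authz")
STORE = {"alice": "admin", "bob": "user"}   # constructed sample data

class PolicyStoreError(Exception):
    """Raised by the hypothetical policy backend when a lookup fails."""

def lookup_role(user, store):
    """Hypothetical backend: returns (status, role); status != 0 means failure."""
    if store is None:
        raise PolicyStoreError("policy store unreachable")
    if user not in store:
        return 1, None
    return 0, store[user]

def is_admin_fail_open(user, store):
    """Defective: optimistic default, status never checked, exception swallowed."""
    allowed = True
    try:
        status, role = lookup_role(user, store)   # status is ignored
        if role is not None and role != "admin":
            allowed = False                       # only reached on a clean lookup
    except Exception:
        pass                                      # error ignored, default stays True
    return allowed

def is_admin_fail_closed(user, store):
    """Corrected: check the status code, log and deny on any lookup error."""
    try:
        status, role = lookup_role(user, store)
    except PolicyStoreError:
        log.exception("role lookup failed for %r; denying", user)
        return False
    if status != 0:
        log.warning("role lookup returned status %d for %r; denying", status, user)
        return False
    return role == "admin"

def handle_request(user, store, check=is_admin_fail_closed):
    """Top-level handler: an uncaught exception becomes a generic error response."""
    try:
        return "200 OK" if check(user, store) else "403 Forbidden"
    except Exception:
        log.exception("unhandled error in request for %r", user)
        return "500 Internal Server Error"
```

In a code review, the defective pattern shows up as a permissive default set before the `try`, an assigned-but-unused status value, and an `except` body that neither logs nor changes state.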
