CWE-1059 (Insufficient Technical Documentation) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.
Security impact
Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.
Description
The product does not contain sufficient
technical or engineering documentation (whether on paper or
in electronic form) that contains descriptions of all the
relevant software/hardware elements of the product, such as
its usage, structure, architectural components, interfaces, design, implementation,
configuration, operation, etc.
Applicable platforms
Kind
Name
Class
Prevalence
OS / CPE
language
—
Not Language-Specific
Undetermined
—
operating_system
—
Not OS-Specific
Undetermined
—
architecture
—
Not Architecture-Specific
Undetermined
—
technology
—
Not Technology-Specific
Undetermined
—
technology
—
ICS/OT
Undetermined
—
Related CVEs in this database
These CVEs are mapped to this weakness in this database and kept for traceability and search.
In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.
Previous names
Incomplete Documentation(2022-04-28)
Content submission
Name
CWE Content Team
Organization
MITRE
Date
2018-07-02
Version
3.2
Comment
Entry derived from Common Quality Enumeration (CQE) Draft 0.9.