CWE-1059 1 CVEs MITRE definition ↗

CWE-1059: Insufficient Technical Documentation

Overview

CWE-1059 (Insufficient Technical Documentation) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.

Security impact
Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.

Description

The product does not contain sufficient technical or engineering documentation (whether on paper or in electronic form) that contains descriptions of all the relevant software/hardware elements of the product, such as its usage, structure, architectural components, interfaces, design, implementation, configuration, operation, etc.

Applicable platforms

Kind Name Class Prevalence OS / CPE
language Not Language-Specific Undetermined
operating_system Not OS-Specific Undetermined
architecture Not Architecture-Specific Undetermined
technology Not Technology-Specific Undetermined
technology ICS/OT Undetermined

Related CVEs in this database

These CVEs are mapped to this weakness in this database and kept for traceability and search.

CVE Published Summary
CVE-2022-3270 2022-12-01 In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability.

Previous names

  • Incomplete Documentation (2022-04-28)

Content submission

Name
CWE Content Team
Organization
MITRE
Date
2018-07-02
Version
3.2
Comment
Entry derived from Common Quality Enumeration (CQE) Draft 0.9.

Content modifications

Date Name Version Importance Comment
2020-02-24 CWE Content Team 4.0 updated Relationships
2022-04-28 CWE Content Team 4.7 updated Applicable_Platforms, Common_Consequences, Description, Name, Potential_Mitigations, References, Relationships, Time_of_Introduction
2023-01-31 CWE Content Team 4.10 updated Applicable_Platforms, Relationships
2023-04-27 CWE Content Team 4.11 updated Relationships, Taxonomy_Mappings
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes, Taxonomy_Mappings
2023-10-26 CWE Content Team 4.13 updated Observed_Examples
2024-02-29 CWE Content Team 4.14 updated Mapping_Notes
2025-09-09 CWE Content Team 4.18 updated References

Contributions

Type Name Date Comment
Content Paul A. Wortman 2021-06-11 Submitted hardware-specific information about a "golden standard" that was integrated into this entry
Content "Mapping CWE to 62443" Sub-Working Group 2023-04-25 Suggested mappings to ISA/IEC 62443.
cvelogic Threat Intelligence