CWE-239 – Failure to Handle Incomplete Element | Common Weakness Enumeration（CWE）

概要

CWE-239（Failure to Handle Incomplete Element）は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。

The product does not properly handle when a particular element is not completely specified.

種別	名称	クラス	普遍性	OS / CPE
language	—	Not Language-Specific	Undetermined	—

これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。

CVE	公開	概要
CVE-2025-41724	2025-10-22	An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it wo…
CVE-2024-29155	2024-10-16	On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is received, the device becomes incapable of completing the pairing process. A third party can inject a sec…
CVE-2020-10280	2020-06-24	The Apache server on port 80 that host the web interface is vulnerable to a DoS by spamming incomplete HTTP headers, effectively blocking the access to the dashboard.

日付	名称	バージョン	重要度	コメント
2008-07-01	Eric Dalci	1.0	—	updated Time_of_Introduction
2008-09-08	CWE Content Team	1.0	—	updated Relationships, Observed_Example, Taxonomy_Mappings
2009-10-29	CWE Content Team	1.6	—	updated Description
2011-06-01	CWE Content Team	1.13	—	updated Common_Consequences
2011-06-27	CWE Content Team	2.0	—	updated Common_Consequences
2012-05-11	CWE Content Team	2.2	—	updated Relationships
2013-07-17	CWE Content Team	2.5	—	updated Type
2014-07-30	CWE Content Team	2.8	—	updated Relationships
2017-11-08	CWE Content Team	3.0	—	updated Applicable_Platforms
2020-02-24	CWE Content Team	4.0	—	updated Relationships
2023-01-31	CWE Content Team	4.10	—	updated Description
2023-04-27	CWE Content Team	4.11	—	updated Relationships, Time_of_Introduction
2023-06-29	CWE Content Team	4.12	—	updated Mapping_Notes
2025-12-11	CWE Content Team	4.19	—	updated Weakness_Ordinalities