Home / Vulnerability Database / C-sharp : Error handling: generic exception

C-sharp : Error handling: generic exception

Classification

OWASP ASVS

Error Handling and Logging

PCI DSS 4.0

6.2.4

CWE

CWE-396 CWE-397

Overview

The application generates an exception of a general type (Exception or ApplicationException) making it difficult to diagnose and recover from errors.

It is recommended to take full advantage of the C@ exception mechanism for error handling, which allows to accurately determine the type of exception in order to then process it in the proper catch-block.

References

CWE-397: Declaration of Throws for Generic Exception
Dont Throw Generic Exceptions - c2.com
Creating and Throwing Exceptions

LOW

C-sharp : Error handling: generic exception

Classification

Overview

References

DerScanner Severity Score

Do you want to fix C-sharp : Error handling: generic exception in your application?

See also

C-sharp : JWT: None Algorithm

C-sharp : Insecure data transmission: Database

C-sharp : Only one of method Equals() and GetHashCode() defined