CWE-1434: Insecure Setting of #Generative AI/ML #Model Inference #Parameters

CWE ID

CWE-1434

Weakness Name

Insecure Setting of #Generative AI/ML #Model Inference #Parameters

• Abstraction: Base
• Structure: Simple
• Status: Draft

Date

• Release Date: 2025-09-09
• Updated Date: 2025-09-09

Description

The product has a component that relies on a generative AI/ML model configured with inference parameters that produce an unacceptably high rate of erroneous or unexpected outputs.

Common Consequences

• Scope: Integrity, Other
• Impact: Varies by Context, Unexpected State

- Note: The product can generate inaccurate, misleading, or nonsensical information.

• Scope: Other
• Impact: Alter Execution Logic, Unexpected State, Varies by Context

- Note: If outputs are used in critical decision-making processes, errors could be propagated to other systems or components.

Related CWEs

• (CWE-665 Improper Initialization)[https://www.scyscan.com/cwe-665/improper-initialization/]
• (CWE-684 Incorrect Provision of Specified Functionality)[https://www.scyscan.com/cwe-684/incorrect-provision-of-specified-functionality/]
• (CWE-691 Insufficient Control Flow Management)[https://www.scyscan.com/cwe-691/insufficient-control-flow-management/]
• (CWE-440 Expected Behavior Violation)[https://www.scyscan.com/cwe-440/expected-behavior-violation/]

More CWEs Info

Common Weakness Enumeration List