[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CWE
view XML

Information Exposure Through Debug Log Files

ID: 534Date: (C)2012-05-14   (M)2022-10-10
Type: weaknessStatus: DRAFT
Abstraction Type: Variant





Description

The application does not sufficiently restrict access to a log file that is used for debugging.

Applicable Platforms
None

Time Of Introduction

  • Operation

Common Consequences

ScopeTechnical ImpactNotes
Confidentiality
 		Read application data
 		 

Detection Methods
None

Potential Mitigations

PhaseStrategyDescriptionEffectivenessNotes
Distribution
 		 Remove debug log files before deploying the application into production.
 		  

Relationships

Related CWETypeViewChain
CWE-534 ChildOf CWE-895 Category CWE-888  

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings

TaxynomyIdNameFit
Anonymous Tool Vendor (under NDA)  
 		 

References:
None
CVE    2
CVE-2017-11398
CVE-2015-6941

© SecPod Technologies