logo

CWE-11 - ASP.NET Misconfiguration: Creating Debug Binary

CWE-11

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

ASP.NET Misconfiguration: Creating Debug Binary

Description

Debugging messages help attackers learn about the system and plan a form of attack.

ASP .NET applications can be configured to produce debug binaries. These binaries give detailed debugging messages and should not be used in production environments. Debug binaries are meant to be used in a development or testing environment and can pose a security risk if they are deployed to production.

Common Consequences

Scope: Confidentiality

Impact: Read Application Data

Notes: Attackers can leverage the additional information they gain from debugging output to mount attacks targeted on the framework, database, or other resources used by the application.

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website