logo

CWE-550 - Server-generated Error Message Containing Sensitive Information

CWE-550

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Server-generated Error Message Containing Sensitive Information

Description

Certain conditions, such as network failure, will cause a server error message to be displayed.

While error messages in and of themselves are not dangerous, per se, it is what an attacker can glean from them that might cause eventual problems.

Common Consequences

Scope: Confidentiality

Impact: Read Application Data

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website