CWE-779 - Logging of Excessive Data
CWE-779 Low
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Logging of Excessive Data
- Description
The product logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack.
While logging is a good practice in general, and very high levels of logging are appropriate for debugging stages of development, too much logging in a production environment might hinder a system administrator's ability to detect anomalous conditions. This can provide cover for an attacker while attempting to penetrate a system, clutter the audit trail for forensic analysis, or make it more difficult to debug problems in a production environment.
- Common Consequences
Scope: Availability
Impact: DoS: Resource Consumption (CPU), DoS: Resource Consumption (Other)
Notes: Log files can become so large that they consume excessive resources, such as disk and CPU, which can hinder the performance of the system.
Scope: Non-Repudiation
Impact: Hide Activities
Notes: Logging too much information can make the log files of less use to forensics analysts and developers when trying to diagnose a problem or recover from an attack.
Scope: Non-Repudiation
Impact: Hide Activities
Notes: If system administrators are unable to effectively process log files, attempted attacks may go undetected, possibly leading to eventual system compromise.
- Related Weaknesses
- Release Date:
- 2009-07-27
- Latest Modification Date:
- 2023-06-29
Free security scan for your website