CWE-215 - Insertion of Sensitive Information Into Debugging Code
CWE-215
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Insertion of Sensitive Information Into Debugging Code
- Description
The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production.
When debugging, it may be necessary to report detailed information to the programmer. However, if the debugging code is not disabled when the product is operating in a production environment, then this sensitive information may be exposed to attackers.
- Common Consequences
Scope: Confidentiality
Impact: Read Application Data
- Related Weaknesses
- Related Alerts
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website