CWE-221 - Information Loss or Omission

Abstraction:Class
Structure:Simple
Status:Incomplete

Release Date:2006-07-19
Latest Modification Date:2023-10-26

Weakness Name

Information Loss or Omission

Description

The product does not record, or improperly records, security-relevant information that leads to an incorrect decision or hampers later analysis.

This can be resultant, e.g. a buffer overflow might trigger a crash before the product can log the event.

Common Consequences

Scope: Non-Repudiation

Impact: Hide Activities

Related Weaknesses