CWE-224 - Obscured Security-relevant Information by Alternate Name

CWE-224

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: Obscured Security-relevant Information by Alternate Name

Description: The product records security-relevant information according to an alternate name of the affected entity, instead of the canonical name.

Common Consequences: Scope: Non-Repudiation, Access Control
Impact: Hide Activities, Gain Privileges or Assume Identity

Related Weaknesses: CWE-221Information Loss or Omission

Release Date:
2006-07-19

Latest Modification Date:
2023-10-26

Free security scan for your website

Don't show website scan report rating on the leaderboard