CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
- Abstraction:Base
- Structure:Simple
- Status:Incomplete
- Release Date:2006-07-19
- Latest Modification Date:2024-11-19
Weakness Name
Exposure of Private Personal Information to an Unauthorized Actor
Description
The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.
Common Consequences
Scope: Confidentiality
Impact: Read Application Data
Related Weaknesses
CWE-200Exposure of Sensitive Information to an Unauthorized ActorHigh
Related Alerts
PII DisclosureHigh