CWE-778 - Insufficient Logging
CWE-778 Medium
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Insufficient Logging
- Description
When a security-critical event occurs, the product either does not record the event or omits important details about the event when logging it.
When security-critical events are not logged properly, such as a failed login attempt, this can make malicious behavior more difficult to detect and may hinder forensic analysis after an attack succeeds. As organizations adopt cloud storage resources, these technologies often require configuration changes to enable detailed logging information, since detailed logging can incur additional costs. This could lead to telemetry gaps in critical audit logs. For example, in Azure, the default value for logging is disabled.
- Common Consequences
Scope: Non-Repudiation
Impact: Hide Activities
Notes: If security critical information is not recorded, there will be no trail for forensic analysis and discovering the cause of problems or the source of attacks may become more difficult or impossible.
- Related Weaknesses
- Release Date:
- 2009-07-27
- Latest Modification Date:
- 2023-06-29
Free security scan for your website