CWE-215Insertion of Sensitive Information Into Debugging Code

PUBLISHEDweakness record
released 2006-07-19 · last modified 2025-12-11

Metadata

CWE ID:
CWE-215
摘要:
Base
结构:
Simple
状态:
Draft
发布日期:
2006-07-19
更新日期:
2025-12-11

名称

Insertion of Sensitive Information Into Debugging Code

描述

The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production.

When debugging, it may be necessary to report detailed information to the programmer. However, if the debugging code is not disabled when the product is operating in a production environment, then this sensitive information may be exposed to attackers.

常见后果

范围:
Confidentiality
影响:
Read Application Data

相关 CWE

相关警报