CWE-224 - Obscured Security-relevant Information by Alternate Name
- Abstraction:Base
- Structure:Simple
- Status:Incomplete
- Release Date:2006-07-19
- Latest Modification Date:2023-10-26
Weakness Name
Obscured Security-relevant Information by Alternate Name
Description
The product records security-relevant information according to an alternate name of the affected entity, instead of the canonical name.
Common Consequences
Scope: Non-Repudiation, Access Control
Impact: Hide Activities, Gain Privileges or Assume Identity