CWE-532Insertion of Sensitive Information into Log File

PUBLISHEDweakness recordMedium
released 2006-07-19 · last modified 2025-12-11
CWE-532 - Insertion of Sensitive Information into Log File - Diagram

Metadata

CWE ID:
CWE-532
摘要:
Base
结构:
Simple
状态:
Incomplete
发布日期:
2006-07-19
更新日期:
2025-12-11

名称

Insertion of Sensitive Information into Log File

描述

The product writes sensitive information to a log file.

常见后果

范围:
Confidentiality
影响:
Read Application Data
注释:
Logging sensitive user data, full path names, or system information often provides attackers with an additional, less-protected path to acquiring the information.

相关 CWE