CWE-537 - Java Runtime Error Message Containing Sensitive Information
- Abstraction:Variant
- Structure:Simple
- Status:Incomplete
- Release Date:2006-07-19
- Latest Modification Date:2024-02-29
Weakness Name
Java Runtime Error Message Containing Sensitive Information
Description
In many cases, an attacker can leverage the conditions that cause unhandled exception errors in order to gain unauthorized access to the system.
Common Consequences
Scope: Confidentiality
Impact: Read Application Data
Related Weaknesses
CWE-211Externally-Generated Error Message Containing Sensitive Information