Read Time:9 Second
Description
This entry has been deprecated because its abstraction was too low-level. See CWE-532.
Modes of Introduction:
Related Weaknesses
Consequences
Monthly Archives: May 2022
CWE-532 – Insertion of Sensitive Information into Log File
Read Time:48 Second
Description
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit: Medium
Related Weaknesses
Consequences
Confidentiality: Read Application Data
Logging sensitive user data often provides attackers with an additional, less-protected path to acquiring the information.
Potential Mitigations
Phase: Architecture and Design, Implementation
Description:
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Phase: Distribution
Description:
Remove debug log files before deploying the application into production.
Phase: Operation
Description:
Protect log files against unauthorized read/write.
Phase: Implementation
Description:
Adjust configurations appropriately when software is transitioned from a debug state to production.
CVE References
- CVE-2017-9615
- verbose logging stores admin credentials in a world-readablelog file
- CVE-2018-1999036
- SSH password for private key stored in build log
CWE-531 – Inclusion of Sensitive Information in Test Code
Read Time:22 Second
Description
Accessible test applications can pose a variety of security risks. Since developers or administrators rarely consider that someone besides themselves would even know about the existence of these applications, it is common for them to contain sensitive information or functions.
Modes of Introduction:
– Testing
Related Weaknesses
Consequences
Confidentiality: Read Application Data
Potential Mitigations
Phase: Distribution, Installation
Description:
Remove test code before deploying the application into production.
CVE References
CWE-530 – Exposure of Backup File to an Unauthorized Control Sphere
Read Time:47 Second
Description
A backup file is stored in a directory or archive that is made accessible to unauthorized actors.
Often, older backup files are renamed with an extension such as .~bk to distinguish them from production files. The source code for old files that have been renamed in this manner and left in the webroot can often be retrieved. This renaming may have been performed automatically by the web server, or manually by the administrator.
Modes of Introduction:
– Operation
Related Weaknesses
Consequences
Confidentiality: Read Application Data
At a minimum, an attacker who retrieves this file would have all the information contained in it, whether that be database calls, the format of parameters accepted by the application, or simply information regarding the architectural structure of your site.
Potential Mitigations
Phase: Policy
Description:
Recommendations include implementing a security policy within your organization that prohibits backing up web application source code in the webroot.
CVE References
CWE-53 – Path Equivalence: ‘multiple\internalbackslash’
Read Time:37 Second
Description
A software system that accepts path input in the form of multiple internal backslash (‘multipletrailing\slash’) without appropriate validation can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Confidentiality, Integrity: Read Files or Directories, Modify Files or Directories
Potential Mitigations
Phase: Implementation
Description:
Inputs should be decoded and canonicalized to the application’s current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
CVE References
CWE-529 – Exposure of Access Control List Files to an Unauthorized Control Sphere
Read Time:31 Second
Description
The product stores access control list files in a directory or other container that is accessible to actors outside of the intended control sphere.
Exposure of these access control list files may give the attacker information about the configuration of the site or system. This information may then be used to bypass the intended security policy or identify trusted systems from which an attack can be launched.
Modes of Introduction:
– Operation
Related Weaknesses
Consequences
Confidentiality, Access Control: Read Application Data, Bypass Protection Mechanism
Potential Mitigations
Phase: System Configuration
Description:
Protect access control list files.
CVE References
CWE-528 – Exposure of Core Dump File to an Unauthorized Control Sphere
Read Time:19 Second
Description
The product generates a core dump file in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
Modes of Introduction:
– Operation
Related Weaknesses
Consequences
Confidentiality: Read Application Data, Read Files or Directories
Potential Mitigations
Phase: System Configuration
Description:
Protect the core dump files from unauthorized access.
CVE References
CWE-527 – Exposure of Version-Control Repository to an Unauthorized Control Sphere
Read Time:49 Second
Description
The product stores a CVS, git, or other repository in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
Version control repositories such as CVS or git store version-specific metadata and other details within subdirectories. If these subdirectories are stored on a web server or added to an archive, then these could be used by an attacker. This information may include usernames, filenames, path root, IP addresses, and detailed “diff” data about how files have been changed – which could reveal source code snippets that were never intended to be made public.
Modes of Introduction:
– Operation
Related Weaknesses
Consequences
Confidentiality: Read Application Data, Read Files or Directories
Potential Mitigations
Phase: Operation, Distribution, System Configuration
Description:
Recommendations include removing any CVS directories and repositories from the production server, disabling the use of remote CVS repositories, and ensuring that the latest CVS patches and version updates have been performed.
CVE References
CWE-526 – Exposure of Sensitive Information Through Environmental Variables
Read Time:15 Second
Description
Environmental variables may contain sensitive information about a remote server.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality: Read Application Data
Potential Mitigations
Phase: Architecture and Design
Description:
Protect information stored in environment variable from being exposed to the user.
CVE References
CWE-525 – Use of Web Browser Cache Containing Sensitive Information
Read Time:45 Second
Description
The web application does not use an appropriate caching policy that specifies the extent to which each web page and associated form fields should be cached.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Confidentiality: Read Application Data
Browsers often store information in a client-side cache, which can leave behind sensitive information for other users to find and exploit, such as passwords or credit card numbers. The locations at most risk include public terminals, such as those in libraries and Internet cafes.
Potential Mitigations
Phase: Architecture and Design
Description:
Protect information stored in cache.
Phase: Architecture and Design, Implementation
Description:
Use a restrictive caching policy for forms and web pages that potentially contain sensitive information.
Phase: Architecture and Design
Description:
Do not store unnecessarily sensitive information in the cache.
Phase: Architecture and Design
Description:
Consider using encryption in the cache.