CWE-528 – Exposure of Core Dump File to an Unauthorized Control Sphere

Read Time:19 Second

Description

The product generates a core dump file in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.

Modes of Introduction:

– Operation

 

 

Related Weaknesses

CWE-552

 

Consequences

Confidentiality: Read Application Data, Read Files or Directories

 

Potential Mitigations

Phase: System Configuration

Description: 

Protect the core dump files from unauthorized access.

CVE References