Read Time:33 Second
Description
A servlet error message indicates that there exists an unhandled exception in your web application code and may provide useful information to an attacker.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Confidentiality: Read Application Data
The error message may contain the location of the file in which the offending function is located. This may disclose the web root’s absolute path as well as give the attacker the location of application files or configuration information. It may even disclose the portion of code that failed. In many cases, an attacker can use the data to launch further attacks against the system.