CWE-541 – Inclusion of Sensitive Information in an Include File


Description

If the source of an include file is accessible and the file contains usernames, passwords, or other sensitive information pertaining to the application and system, that information is exposed.

Modes of Introduction:

– Implementation

Related Weaknesses

CWE-540

Consequences

Confidentiality: Read Application Data

Potential Mitigations

Phase: Architecture and Design

Description: Do not store sensitive information in include files.

Phase: Architecture and Design, System Configuration

Description: Protect include files from being exposed.
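
One way to check a deployment against both mitigations, as an added example that is not part of the CWE entry: the script walks a web root, picks out include files whose extension a server may return as plain text, and reports lines that look like credential assignments. The extension list, the regular expression, the function names and the sample tree are assumptions made for illustration.

```python
import os
import re
import tempfile

# Assumption: extensions often used for include files that a web server may
# return as plain text because no interpreter is mapped to them.
RAW_SERVED_EXTS = {".inc", ".bak", ".old", ".txt"}

# Assumption: heuristic for credential-style assignments; tune per code base.
SECRET_RE = re.compile(
    r"(?i)(\w*(?:passw(?:or)?d|pwd|secret|api_?key|token|user)\w*)[\"']?"
    r"\s*(?:=>|=|:)\s*[\"'][^\"']+[\"']"
)

def audit_web_root(web_root):
    """Return sorted (relative_path, line_no, key_name) findings for include
    files under web_root that may be served as source and hold credentials."""
    findings = []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in RAW_SERVED_EXTS:
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, web_root).replace(os.sep, "/")
            with open(path, encoding="utf-8", errors="replace") as fh:
                for line_no, line in enumerate(fh, start=1):
                    match = SECRET_RE.search(line)
                    if match:
                        # Report the key name only, never the secret value.
                        findings.append((rel, line_no, match.group(1).lower()))
    return sorted(findings)

def build_sample_root(root):
    """Constructed sample tree: one include file with credentials, one without."""
    os.makedirs(os.path.join(root, "includes"))
    samples = {
        "includes/db.inc": "<?php\n$db_user = 'app';\n$db_password = 'example-only';\n",
        "includes/header.inc": "<?php\necho '<h1>Site</h1>';\n",
        "index.php": "<?php include 'includes/db.inc';\n",
    }
    for rel, text in samples.items():
        with open(os.path.join(root, rel), "w", encoding="utf-8") as fh:
            fh.write(text)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_web_root(build_sample_root(tmp)):
            print("%s:%d holds a '%s' value inside the web root" % finding)
```

Each finding is a candidate for moving the value out of the include file or moving the file out of the served directory tree.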

CVE References