CWE-210

Self-generated Error Message Containing Sensitive Information

The product identifies an error condition and creates its own diagnostic or error messages that contain sensitive information.

Mitigation ID: MIT-40

Phases: Implementation, Build and Compilation

Strategy: Compilation or Build Hardening

Description:

  • Debugging information should not make its way into a production release.
Mitigation ID: MIT-40

Phases: Implementation, Build and Compilation

Strategy: Environment Hardening

Description:

  • Debugging information should not make its way into a production release.

No CAPEC attack patterns related to this CWE.

Back to CWE stats page