CWE-215
Overview
- CWE ID
- 215
- CWE Name
- Insertion of Sensitive Information Into Debugging Code
- CWE Abstraction
- Base
- CWE structure
- Simple
- CWE Status
- Draft
Description
The application inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production.
Extended Description
When debugging, it may be necessary to report detailed information to the programmer. However, if the debugging code is not disabled when the application is operating in a production environment, then this sensitive information may be exposed to attacker
Related CWEs
| CWE ID | View ID | Nature | Ordinal |
|---|---|---|---|
| 200 | 1000 | ChildOf | Primary |