CWE-540

Overview
  • CWE ID
  • 540
  • CWE Name
  • Inclusion of Sensitive Information in Source Code
  • CWE Abstraction
  • Base
  • CWE structure
  • Simple
  • CWE Status
  • Incomplete
Description
Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.
Extended Description
There are situations where it is critical to remove source code from an area or server. For example, obtaining Perl source code on a system allows an attacker to understand the logic of the script and extract extremely useful information such as code bugs
Related CWEs
CWE ID View ID Nature Ordinal
538 1000 ChildOf Primary
Related CVEs
CVE
CVE-2021-1516
CVE-2023-23448
CVE-2023-30802
CVE-2023-39250
CVE-2023-35013
CVE-2024-2355
CVE-2024-2265
CVE-2024-1272
CVE-2023-30802
CVE-2023-39250
CVE-2023-35013
CVE-2024-2355
CVE-2024-2265
CVE-2024-1272
CVE-2024-39729
CVE-2024-8417
CVE-2024-27257
CVE-2024-9596
CVE-2024-38647