CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE List > CWE- Individual Dictionary Definition (2.6)  

Presentation Filter:

CWE-532: Information Exposure Through Log Files

 
Information Exposure Through Log Files
Weakness ID: 532 (Weakness Variant)Status: Incomplete
+ Description

Description Summary

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

Extended Description

While logging all information may be helpful during development stages, it is important that logging levels be set appropriately before a product ships so that sensitive user data and system information are not accidentally exposed to potential attackers.

+ Time of Introduction
  • Architecture and Design
  • Implementation
  • Operation
+ Common Consequences
ScopeEffect
Confidentiality

Technical Impact: Read application data

Logging sensitive user data often provides attackers with an additional, less-protected path to acquiring the information.

+ Likelihood of Exploit

Medium

+ Demonstrative Examples

Example 1

In the following code snippet, a user's full name and credit card number are written to a log file.

(Bad Code)
Example Language: Java 
logger.info("Username: " + usernme + ", CCN: " + ccn);

Example 2

This code stores location information about the current user:

(Bad Code)
Example Language: Java 
locationClient = new LocationClient(this, this, this);
locationClient.connect();
currentUser.setLocation(locationClient.getLastLocation());
...
catch (Exception e) {
AlertDialog.Builder builder = new AlertDialog.Builder(this);
builder.setMessage("Sorry, this application has experienced an error.");
AlertDialog alert = builder.create();
alert.show();
Log.e("ExampleActivity", "Caught exception: " + e + " While on User:" + User.toString());
}

When the application encounters an exception it will write the user object to the log. Because the user object contains location information, the user's location is also written to the log.

+ Potential Mitigations

Phases: Architecture and Design; Implementation

Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.

Phase: Operation

Protect log files against unauthorized read/write.

Phase: Implementation

Adjust configurations appropriately when software is transitioned from a debug state to production.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness BaseWeakness Base538File and Directory Information Exposure
Development Concepts (primary)699
Research Concepts (primary)1000
ChildOfWeakness BaseWeakness Base552Files or Directories Accessible to External Parties
Development Concepts699
Research Concepts1000
ChildOfCategoryCategory731OWASP Top Ten 2004 Category A10 - Insecure Configuration Management
Weaknesses in OWASP Top Ten (2004) (primary)711
ChildOfCategoryCategory857CERT Java Secure Coding Section 12 - Input Output (FIO)
Weaknesses Addressed by the CERT Java Secure Coding Standard (primary)844
ChildOfCategoryCategory895SFP Cluster: Information Leak
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness VariantWeakness Variant533Information Exposure Through Server Log Files
Development Concepts (primary)699
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant534Information Exposure Through Debug Log Files
Development Concepts (primary)699
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant542Information Exposure Through Cleanup Log Files
Development Concepts (primary)699
Research Concepts (primary)1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
Anonymous Tool Vendor (under NDA)
CERT Java Secure CodingFIO13-JDo not log sensitive information outside a trust boundary
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
Anonymous Tool Vendor (under NDA)Externally Mined
Contributions
Contribution DateContributorOrganizationSource
2009-07-15Fortify SoftwareContent
Portions of Mitigations, Consequences and Description derived from content submitted by Fortify Software.
Modifications
Modification DateModifierOrganizationSource
2008-07-01Sean EidemillerCigitalExternal
added/updated demonstrative examples
2008-07-01Eric DalciCigitalExternal
updated Potential_Mitigations, Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Taxonomy_Mappings
2009-03-10CWE Content TeamMITREInternal
updated Relationships
2009-07-27CWE Content TeamMITREInternal
updated Common_Consequences, Description, Likelihood_of_Exploit, Potential_Mitigations
2011-03-29CWE Content TeamMITREInternal
updated Name
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences, Relationships, Taxonomy_Mappings
2012-05-11CWE Content TeamMITREInternal
updated Related_Attack_Patterns, Relationships, Taxonomy_Mappings
2014-02-18CWE Content TeamMITREInternal
updated Demonstrative_Examples
Previous Entry Names
Change DatePrevious Entry Name
2011-03-29Information Leak Through Log Files
Page Last Updated: February 18, 2014