CWE-223: Omission of Security-relevant Information

Description

The product does not record or display information that would be important for identifying the source or nature of an attack, or determining if an action is safe.

Submission Date :

July 19, 2006, midnight

Modification Date :

2023-10-26 00:00:00+00:00

Organization :

MITRE
Example Vulnerable Codes

Example - 1

This code logs suspicious multiple login attempts.

return True;

writeLog("Failed login attempt by User: " . $userName . " at " + date('r') );incrementLoginAttempts($userName);if(recentLoginAttempts($userName) > 5){}if(authenticate($userName,$password)){}else{}function login($userName,$password){}

This code only logs failed login attempts when a certain limit is reached. If an attacker knows this limit, they can stop their attack from being discovered by avoiding the limit.

Example - 2

This code prints the contents of a file if a user has permission.


// //resolve file if its a symbolic link// 
$realFile = readlink($filename);

echo file_get_contents($realFile);return;

echo 'Access denied';writeLog($user . ' attempted to access the file '. $filename . ' on '. date('r'));$user = getCurrentUser();$realFile = $filename;if(is_link($filename)){}if(fileowner($realFile) == $user){}else{}function readFile($filename){}

While the code logs a bad access attempt, it logs the user supplied name for the file, not the canonicalized file name. An attacker can obscure their target by giving the script the name of a link to the file they are attempting to access. Also note this code contains a race condition between the is_link() and readlink() functions (CWE-363).

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

Visit http://cwe.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Dec. 22, 2024 12:44