Back to CWE list
CWE-210
Self-generated Error Message Containing Sensitive Information
Base
Draft
Description
The product identifies an error condition and creates its own diagnostic or error messages that contain sensitive information.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Confidentiality
Impact
Read Application Data
Potential Mitigations
Implementation
Build and Compilation
Debugging information should not make its way into a production release.
Implementation
Build and Compilation
Debugging information should not make its way into a production release.
CVE-2005-1745Infoleak of sensitive information in error message (physical access required).
Applicable Platforms
Not Language-Specific
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now