Back to CWE list
CWE-528
Exposure of Core Dump File to an Unauthorized Control Sphere
Variant
Draft
Description
The product generates a core dump file in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Confidentiality
Impact
Read Application Data, Read Files or Directories
Potential Mitigations
System Configuration
Protect the core dump files from unauthorized access.
CVE-2024-10403SAN firmware OS includes SFTP/FTP server password in a core dump
Applicable Platforms
Not Language-Specific
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now