CWE-537

Java Runtime Error Message Containing Sensitive Information

Variant
Incomplete

Description

In many cases, an attacker can leverage the conditions that cause unhandled exception errors in order to gain unauthorized access to the system.

Common Consequences

Scope: Confidentiality

Impact: Read Application Data

Potential Mitigations

Implementation

Do not expose sensitive error information to the user.
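
The mitigation above, shown as a weak handler beside a hardened one. This is an added example, not part of the CWE entry; the class, the method names, the file path and the incident-reference scheme are all hypothetical.

```java
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;

public class ErrorMessageDemo {
    private static final Logger LOG = Logger.getLogger("app");

    // Constructed failing operation: the exception text carries an internal path.
    static String loadProfile(String user) throws Exception {
        throw new java.io.FileNotFoundException(
            "/srv/app/data/profiles/" + user + ".xml (No such file or directory)");
    }

    // Weak: the runtime error, including its stack trace, is returned to the client.
    static String handleUnsafe(String user) {
        try {
            return loadProfile(user);
        } catch (Exception e) {
            StringWriter sw = new StringWriter();
            e.printStackTrace(new PrintWriter(sw));
            return "500 " + sw;
        }
    }

    // Hardened: details stay in the server log; the client gets a generic
    // message plus an opaque incident id that support staff can look up.
    static String handleSafe(String user) {
        try {
            return loadProfile(user);
        } catch (Exception e) {
            String incident = UUID.randomUUID().toString();
            LOG.log(Level.SEVERE, "incident " + incident, e);
            return "500 Internal error. Reference: " + incident;
        }
    }

    public static void main(String[] args) {
        String unsafe = handleUnsafe("alice");
        String safe = handleSafe("alice");
        System.out.println("unsafe leaks path/class names: "
            + (unsafe.contains("/srv/app") && unsafe.contains("ErrorMessageDemo")));
        System.out.println("safe leaks path/class names:   "
            + (safe.contains("/srv/app") || safe.contains("Exception")));
        System.out.println(safe);
    }
}
```

The same split applies to framework-level defaults: a container's default error page is the `handleUnsafe` case unless a generic error page is configured in its place.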

Applicable Platforms

Java
