CWE-537: Java Runtime Error Message Containing Sensitive Information
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
In many cases, an attacker can leverage the conditions that cause unhandled exception errors in order to gain unauthorized access to the system.
常见后果
影响范围: Confidentiality
技术影响: Read Application Data
潜在缓解措施
阶段: Implementation
描述: Do not expose sensitive error information to the user.
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |