Weaknesses in this category are related to audit-based components of a software system. Frequently these deal with logging user activities in order to identify undesired access and modifications to the system. The weaknesses in this category could lead to a degradation of the quality of the audit capability if they are not addressed.
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | V | 699 | Software Development |
| HasMember | Allowed | B | 117 | Improper Output Neutralization for Logs |
| HasMember | Allowed | B | 222 | Truncation of Security-relevant Information |
| HasMember | Allowed | B | 223 | Omission of Security-relevant Information |
| HasMember | Allowed | B | 224 | Obscured Security-relevant Information by Alternate Name |
| HasMember | Allowed | B | 778 | Insufficient Logging |
| HasMember | Allowed | B | 779 | Logging of Excessive Data |
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
See member weaknesses of this category.
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|