CWE-201:Insertion of Sensitive Information Into Sent Data
Weakness ID:201
Version:v4.17
Weakness Name:Insertion of Sensitive Information Into Sent Data
Vulnerability Mapping:Allowed
Abstraction:Base
Structure:Simple
Status:Draft
Likelihood of Exploit:
▼Description
The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.
▼Extended Description
▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| CanAlsoBe | Allowed | B | 209 | Generation of Error Message Containing Sensitive Information |
| CanAlsoBe | Allowed | B | 202 | Exposure of Sensitive Information Through Data Queries |
| ChildOf | Discouraged | C | 200 | Exposure of Sensitive Information to an Unauthorized Actor |
| ParentOf | Allowed | B | 212 | Improper Removal of Sensitive Information Before Storage or Transfer |
| ParentOf | Allowed | B | 226 | Sensitive Information in Resource Not Removed Before Reuse |
| ParentOf | Allowed | V | 598 | Use of GET Request Method With Sensitive Query Strings |
Nature: CanAlsoBe
Mapping: Allowed
Type: Base
ID: 209
Nature: CanAlsoBe
Mapping: Allowed
Type: Base
ID: 202
Nature: ChildOf
Mapping: Discouraged
Type: Class
ID: 200
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 212
Nature: ParentOf
Mapping: Allowed
Type: Base
ID: 226
Nature: ParentOf
Mapping: Allowed
Type: Variant
ID: 598
▼Memberships
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 199 | Information Management Errors |
| MemberOf | Prohibited | C | 963 | SFP Secondary Cluster: Exposed Data |
| MemberOf | Prohibited | C | 1015 | Limit Access |
| MemberOf | Prohibited | C | 1345 | OWASP Top Ten 2021 Category A01:2021 - Broken Access Control |
| MemberOf | Prohibited | C | 1417 | Comprehensive Categorization: Sensitive Information Exposure |
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1345
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1417
▼Tags
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | BS | BOSS-280 | Separation of Privilege Strategy |
| MemberOf | Prohibited | BS | BOSS-294 | Not Language-Specific Weaknesses |
| MemberOf | Prohibited | BS | BOSS-319 | Read Files or Directories (impact) |
| MemberOf | Prohibited | BS | BOSS-323 | Read Memory (impact) |
| MemberOf | Prohibited | BS | BOSS-328 | Read Application Data (impact) |
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-319
▼Relevant To View
Relevant to the view"Architectural Concepts - (1008)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 1015 | Limit Access |
Relevant to the view"OWASP Top Ten (2021) - (1344)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 1345 | OWASP Top Ten 2021 Category A01:2021 - Broken Access Control |
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 1345
Relevant to the view"Software Development - (699)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 199 | Information Management Errors |
Relevant to the view"Software Fault Pattern (SFP) Clusters - (888)"
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | C | 963 | SFP Secondary Cluster: Exposed Data |
▼Background Detail
▼Common Consequences
| Scope | Likelihood | Impact | Note |
|---|---|---|---|
| Confidentiality | N/A | Read Files or DirectoriesRead MemoryRead Application Data | Sensitive data may be exposed to attackers. |
Scope: Confidentiality
Likelihood: N/A
Impact: Read Files or Directories, Read Memory, Read Application Data
Note:
Sensitive data may be exposed to attackers.
▼Potential Mitigations
Phase:Requirements
Mitigation ID:
Strategy:
Effectiveness:
Description:
Specify which data in the software should be regarded as sensitive. Consider which types of users should have access to which types of data.
Note:
Phase:Implementation
Mitigation ID:
Strategy:
Effectiveness:
Description:
Ensure that any possibly sensitive data specified in the requirements is verified with designers to ensure that it is either a calculated risk or mitigated elsewhere. Any information that is not necessary to the functionality should be removed in order to lower both the overhead and the possibility of security sensitive data being sent.
Note:
Phase:System Configuration
Mitigation ID:
Strategy:
Effectiveness:
Description:
Setup default error messages so that unexpected errors do not disclose sensitive information.
Note:
Phase:Architecture and Design
Mitigation ID: MIT-46
Strategy: Separation of Privilege
Effectiveness:
Description:
Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Note:
▼Modes Of Introduction
Phase: Architecture and Design
Note:
N/A
Phase: Implementation
Note:
REALIZATION: This weakness is caused during implementation of an architectural security tactic.
▼Applicable Platforms
Languages
Class: Not Language-Specific(Undetermined Prevalence)
▼Demonstrative Examples
Example 1
The following is an actual MySQL error statement:
Language: ( code)
N/A
Language: SQL(Result code)
Warning: mysql_pconnect(): Access denied for user: 'root@localhost' (Using password: N1nj4) in /usr/local/www/wi-data/includes/database.inc on line 4
Language: ( code)
N/A
The error clearly exposes the database credentials.
▼Observed Examples
| Reference | Description |
|---|---|
| CVE-2022-0708 | Collaboration platform does not clear team emails in a response, allowing leak of email addresses |
Reference: CVE-2022-0708
Description:
Collaboration platform does not clear team emails in a response, allowing leak of email addresses
▼Affected Resources
▼Functional Areas
▼Weakness Ordinalities
| Ordinality | Description |
|---|
▼Detection Methods
Automated Static Analysis
Detection Method ID:DM-14
Description:
Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
Effectiveness:High
Note:
N/A
▼Vulnerability Mapping Notes
Usage:Allowed
Reason:Acceptable-Use
Rationale:
This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comments:
Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Suggestions:
▼Notes
Other
Sensitive information could include data that is sensitive in and of itself (such as credentials or private messages), or otherwise useful in the further exploitation of the system (such as internal file system structure).
N/A
▼Taxonomy Mappings
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|---|---|---|
| CLASP | N/A | N/A | Accidental leaking of sensitive information through sent data |
Taxonomy Name: CLASP
Entry ID: N/A
Fit: N/A
Entry Name: Accidental leaking of sensitive information through sent data
▼Related Attack Patterns
| ID | Name |
|---|---|
| CAPEC-12 | Choosing Message Identifier |
| CAPEC-217 | Exploiting Incorrectly Configured SSL/TLS |
| CAPEC-612 | WiFi MAC Address Tracking |
| CAPEC-613 | WiFi SSID Tracking |
| CAPEC-618 | Cellular Broadcast Message Request |
| CAPEC-619 | Signal Strength Tracking |
| CAPEC-621 | Analysis of Packet Timing and Sizes |
| CAPEC-622 | Electromagnetic Side-Channel Attack |
| CAPEC-623 | Compromising Emanations Attack |
ID: CAPEC-12
Name: Choosing Message Identifier
ID: CAPEC-217
Name: Exploiting Incorrectly Configured SSL/TLS
ID: CAPEC-612
Name: WiFi MAC Address Tracking
ID: CAPEC-613
Name: WiFi SSID Tracking
ID: CAPEC-618
Name: Cellular Broadcast Message Request
ID: CAPEC-619
Name: Signal Strength Tracking
ID: CAPEC-621
Name: Analysis of Packet Timing and Sizes
ID: CAPEC-622
Name: Electromagnetic Side-Channel Attack
ID: CAPEC-623
Name: Compromising Emanations Attack
▼References
Reference ID: REF-18
Title: The CLASP Application Security Process
Author: Secure Software, Inc.
Section:
Publication:
Publisher:
Edition:
URL Date:2024-11-17
Day:N/A
Month:N/A
Year:2005
Details not found