CWE-200 (Information Exposure)
GPTKB entity
Statements (25)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:category |
Security Weakness
|
| gptkbp:cause |
gptkb:Data_Breach
Privacy Violation Information Disclosure |
| gptkbp:describes |
A weakness where information is exposed to unauthorized actors
|
| gptkbp:example |
Exposing sensitive data in error messages
Leaking credentials in logs Unrestricted directory listing |
| gptkbp:hasCWE |
gptkb:CWE-200
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-200 (Information Exposure)
|
| gptkbp:maintainedBy |
gptkb:MITRE_Corporation
|
| gptkbp:mitigatedBy |
Implement proper authentication and authorization
Limit information in error messages Restrict access to sensitive data Sanitize log files Use encryption for sensitive data |
| gptkbp:name |
Information Exposure
|
| gptkbp:partOf |
gptkb:CWE_Top_25_Most_Dangerous_Software_Weaknesses
|
| gptkbp:referencedIn |
https://cwe.mitre.org/data/definitions/200.html
|
| gptkbp:relatedTo |
gptkb:CWE-522_(Insufficiently_Protected_Credentials)
CWE-209 (Information Exposure Through an Error Message) CWE-201 (Information Exposure Through Sent Data) |
| gptkbp:bfsParent |
gptkb:Common_Weakness_Enumeration_(CWE)
|
| gptkbp:bfsLayer |
7
|