1. Home
  2. Weaknesses
  3. CWE-535

CWE-535: Exposure of Information Through Shell Error Message

ID CWE-535
Abstraction Variant
Structure Simple
Status Incomplete
Detail Web & Social
A command shell error message indicates that there exists an unhandled exception in the web application code. In many cases, an attacker can leverage the conditions that cause these errors in order to gain unauthorized access to the system.

Modes of Introduction

Phase Note
Architecture and Design
Implementation

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-211 Externally-Generated Error Message Containing Sensitive Information Base Simple Incomplete