CWE-535: Exposure of Information Through Shell Error Message
ID
CWE-535
Abstraction
Variant
Structure
Simple
Status
Incomplete
A command shell error message indicates that there exists an unhandled exception in the web application code. In many cases, an attacker can leverage the conditions that cause these errors in order to gain unauthorized access to the system.
Modes of Introduction
Phase | Note |
---|---|
Architecture and Design | |
Implementation |
Loading...