Query module ExposedSystemData
- Exposure of system data to an unauthorized control sphere
- Exposing system data or debugging information helps an adversary learn about the system and form an attack plan.
- security external/cwe/cwe-497
Somewhere data is output.
Data originating from the environment.
Data passed into a
Data obtained from a POSIX user/password/group database information call.
Data obtained from a POSIX system information call.
Data read from the Windows registry.
Data originating from a call to
Data passed into an SQL connect function.
Data that is output via a socket.
Data that is output via standard output or standard error.
An element that should not be exposed to an adversary.
Data obtained about Windows special paths (for example, the location of
Data obtained from a Windows system information call.