Logging of Excessive Data

The software logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack.


Description

While logging is a good practice in general, and very high levels of logging are appropriate for debugging stages of development, too much logging in a production environment might hinder a system administrator's ability to detect anomalous conditions. This can provide cover for an attacker while attempting to penetrate a system, clutter the audit trail for forensic analysis, or make it more difficult to debug problems in a production environment.

See Also

Audit / Logging Errors

Weaknesses in this category are related to audit-based components of a software system. Frequently these deal with logging user activities in order to identify undesir...

Audit

Weaknesses in this category are related to the design and architecture of audit-based components of the system. Frequently these deal with logging user activities in o...

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

Weaknesses without Software Fault Patterns

CWE identifiers in this view are weaknesses that do not have associated Software Fault Patterns (SFPs), as covered by the CWE-888 view. As such, they represent gaps in...

Weakness Base Elements

This view (slice) displays only weakness base elements.


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.