SFP Secondary Cluster: Information Loss

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

This category identifies Software Fault Patterns (SFPs) within the Information Loss cluster.

Weaknesses

Information Loss or Omission

The software does not record, or improperly records, security-relevant information that leads to an incorrect decision or hampers later analysis.

Obscured Security-relevant Information by Alternate Name

The software records security-relevant information according to an alternate name of the affected entity, instead of the canonical name.

Omission of Security-relevant Information

The application does not record or display information that would be important for identifying the source or nature of an attack, or determining if an action is safe.

Truncation of Security-relevant Information

The application truncates the display, recording, or processing of security-relevant information in a way that can obscure the source or nature of an attack.

Concepts

Software Fault Pattern (SFP) Clusters

CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs).


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.