Certain conditions, such as network failure, will cause a server error message to be displayed.
Extended Description
While error messages in and of themselves are not dangerous, per se, it is what an attacker can glean from them that might cause eventual problems.
ThreatScore
Threat Mapped score: 0.0
Industry: Finiancial
Threat priority: Unclassified
Observed Examples (CVEs)
No observed examples available.
Related Attack Patterns (CAPEC)
N/A
Attack TTPs
N/A
Modes of Introduction
Phase
Note
Implementation
REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Common Consequences
Impact: Read Application Data — Notes:
Potential Mitigations
Architecture and Design: Recommendations include designing and adding consistent error handling mechanisms which are capable of handling any user input to your web application, providing meaningful detail to end-users, and preventing error messages that might provide information useful to an attacker from being displayed. (N/A)