Audit

A category in the Common Weakness Enumeration published by The MITRE Corporation.

  • Source

    CWE Catalog - 4.12

  • Identifier

    CWE-1009

  • Status

    Draft

Contents

Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to the design and architecture of audit-based components of the system. Frequently these deal with logging user activities in order to identify attackers and modifications to the system. The weaknesses in this category could lead to a degradation of the quality of the audit capability if they are not addressed when designing or implementing a secure architecture.

Weaknesses

Improper Output Neutralization for Logs

The product does not neutralize or incorrectly neutralizes output that is written to logs.

Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

Insufficient Logging

When a security-critical event occurs, the product either does not record the event or omits important details about the event when logging it.

Logging of Excessive Data

The product logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack.

Obscured Security-relevant Information by Alternate Name

The product records security-relevant information according to an alternate name of the affected entity, instead of the canonical name.

Omission of Security-relevant Information

The product does not record or display information that would be important for identifying the source or nature of an attack, or determining if an action is safe.

Concepts

Architectural Concepts

This view organizes weaknesses according to common architectural security tactics. It is intended to assist architects in identifying potential mistakes that can be ma...

See Also

  1. A Catalog of Security Architecture Weaknesses.

    2017 IEEE International Conference on Software Architecture (ICSA)

  2. Understanding Software Vulnerabilities Related to Architectural Security Tactics: An Empirical Investigation of Chromium, PHP and Thunderbird.

    2017 IEEE International Conference on Software Architecture (ICSA)

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.