Pretraži prema CWE oznaci - CERT CVE

CWE lista

CWE ID Opis
CWE-201 The code transmits data to another actor, but the data contains sensitive information that should not be accessible to the actor that is receiving the data.
CWE-202 When trying to keep information confidential, an attacker can often infer some of the information by using statistics.
CWE-203 The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
CWE-204 The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
CWE-205 The product's behaviors indicate important differences that may be observed by unauthorized actors in a way that reveals (1) its internal state or decision process, or (2) differences from other products with equivalent functionality.
CWE-206 The product performs multiple behaviors that are combined to produce a single result, but the individual behaviors are observable separately in a way that allows attackers to reveal internal state or internal decision points.
CWE-207 The product operates in an environment in which its existence or specific identity should not be known, but it behaves differently than other products with equivalent functionality, in a way that is observable to an attacker.
CWE-208 Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.
CWE-209 The software generates an error message that includes sensitive information about its environment, users, or associated data.
CWE-210 The software identifies an error condition and creates its own diagnostic or error messages that contain sensitive information.