BaseIncomplete

CWE-1230Exposure of Sensitive Information Through Metadata

Category: data-exposure

Description

The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information.

Common consequences· 1

  • Confidentiality — Read Application Data

References

  1. https://cwe.mitre.org/data/definitions/1230.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CWE
Exposure of Sensitive Information to an Unauthorized Actor
CWE
Missing Encryption of Sensitive Data
CWE
Storage of Sensitive Data in a Mechanism without Access Control
CWE
Cleartext Storage of Sensitive Information
CWE
Insecure Storage of Sensitive Information
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.