ClassIncomplete

CWE-221Information Loss or Omission

Category: other

Description

The product does not record, or improperly records, security-relevant information that leads to an incorrect decision or hampers later analysis.

Common consequences· 1

  • Non-Repudiation — Hide Activities

Related CAPEC attack patterns· 1

CAPEC-81

References

  1. https://cwe.mitre.org/data/definitions/221.html

Exploits (incoming)1

TypeTargetConfidenceTier
AttackPatternWeb Server Logs Tamperingcapec-81100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Omission of Security-relevant Information
CWE
Insufficient Logging
CWE
Truncation of Security-relevant Information
CWE
Missing Encryption of Sensitive Data
CWE
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CWE
Exposure of Sensitive Information Through Metadata
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.