CWE-200
Weakness ID:200(Weakness Class)
Status: Incomplete
ソスソスソスRソスソスソスソス
ソスソスソス
ソスソスソスソスvソスソス
ソスソスソスフ漏ソスソスソスソスソスニは、ソスソスソスYソスソスソスノアソスNソスZソスXソスソスソス驍スソス゚の認ソスツを明趣ソスソスIソスノ受けてゑソスソスネゑソスソスメに対ゑソスソスト、ソスソスが意図ソスIソスノゑソスソス驍「ソスヘ意図ソスソスソスソスソスノ開ソスソスソスソスソスソス驍アソスニでゑソスソスB
ソスレ細な会ソスソス
ソスソスソスニは、ソスネ会ソスソスフゑソスソスソスソス黷ゥソスソスソスwソスソスソスワゑソスソスB
1) ソスソスソスソスソスソスソスbソスZソス[ソスWソスネど、ソスソスソスiソスソスソスフの機ソス\ソスフ抵ソスソスナ慎ソスdソスノ茨ソスソスソスソスソスソスソス
2) ソスUソスソスソスメにとゑソスソスト有ソスvソスソスソスソスソスハ擾ソスヘ難ソスソスソスツ能ソスナなゑソスソスAソスソスソスiソスソスツ具ソスソスノ関ゑソスソスソスソスソス (ソスソスソスソスソス[ソスgソスナアソスNソスZソスXソスツ能ソスネ撰ソスソスiソスCソスソスソスXソスgソス[ソスソスソスpソスXソスネゑソス)
ソスソスソスフ漏ソスソスソスソスソスフ托ソスソスソスソスヘ、ソスソスソスフ脆弱性ソスニ関連ソスソスソスソスソスソスソスハとゑソスソスト費ソスソスソスソスソスソスワゑソスソスソス (ソスソスFPHP ソスXソスNソスソスソスvソスgソスGソスソスソス[ソスノゑソスソスソスソスソスpソスXソスフ漏ソスソスソスソス) ソスAソスPソスニで費ソスソスソスソスソスソスソスツ能ソスソスソスソスソスソスソスソスワゑソス (ソスソスFソステ搾ソスソスソスソスソスソスノゑソスソスソスソスソス^ソスCソス~ソスソスソスOソスフ不ソスソスv) ソスBソスソスソスフ漏ソスソスソスソスソスソスソスソスソスソスソスニ弱性ソスヘ托ソスソス多ソスlソスナゑソスソスBソスソスソスソスソスフ脆弱性ソスフ影ソスソスソスxソスヘ、ソスRソスソスソスソスソスソスソスソスソスソスソスフ趣ソズに依托ソスソスソスソスワゑソスソスB
ソスハ厄ソス
Information DisclosureソスiソスソスソスソスソスJソスj:
ソスソスソスフ用ソスソスヘ脆弱性ソスfソス[ソス^ソスxソス[ソスXソス竄サソスフ托ソスソスフ擾ソス源にゑソスソスソスソスト使ソスpソスソスソスソスワゑソスソスソスソスA"disclosure(ソスソスソスJ)" ソスニゑソスソスソスソスソスソスtソスソスソスソスノセソスLソスソスソスソスソスeソスBソスノ関ゑソスソスソスモ厄ソスソスソスソスワむわけソスナはゑソスソスソスワゑソスソスソスBソスワゑソスソスAソスソスソスソスソス@ソスヨ連ソスフ包ソスソスソスソスノゑソスソスソスソストゑソスソス謔ュソスgソスpソスソスソスソストゑソスソスワゑソスソスソスソスAソスZソスLソスソスソスソスソスeソスBソスノ関連ソスソスソスソスソスソスフ鯉ソスソスJソスノつゑソスソストは鯉ソスソスyソスソスソスソストゑソスソスワゑソスソスソスB
Information LeakソスiソスソスソスRソスソスソスソスソスj:
"leak" ソスニゑソスソスソスソスソスソスtソスソスソス謔ュソスgソスpソスソスソスソスワゑソスソスソスソスAソスZソスLソスソスソスソスソスeソスBソスノゑソスソスソスソストは包ソスソスソスソスフ意厄ソスソスソスソスソスソスソスソスワゑソスソスBソスソスソスソスナ擾ソスがゑソスソス轤ウソスソス驍アソスニゑソスソスwソスソスソスソスソスハ、"memory leak(ソスソスソスソスソスソスソスソスソス[ソスN)" ソスフようソスノ枯奇ソスソスノつなゑソスソスソス謔、ソスネソスソス\ソス[ソスXソスフ不ソスソスソスネ追跡ゑソスソスwソスソスソス鼾ソスソスソスソスソスソスワゑソスソスBソスソスソスフゑソスソス゚、CWE ソスナゑソス "leak" ソスフ使ソスpソスソスソスソスソスソストゑソスソスワゑソスソスB
ソスニ弱性ソスフ費ソスソスソスソスソスソスソス
ソスAソス[ソスLソスeソスNソス`ソスソスソスソスソスソスム設計
ソスソスソスソス
ソスYソスソスソスソスソスソスvソスソスソスbソスgソスtソスHソス[ソスソス
ソスソスソスソス
ソスSソスソス
ソスUソスソスソスソスソスけゑソスツ能ソスソス
ソスソスソスソス
ソスソスQソスフ緩和ソスソス
ソスMソスソスソスナゑソスソス驪ォソスEソスナ厄ソスソスmソスノ具ソスリゑソスソスソスuソスソスソスSソスネ」ソスソスソスソスソスmソスロゑソスソス驍スソス゚、ソスVソスXソスeソスソスソスソスソス謨ェソスソスソスソスソスト会ソスソスソスソスソスソスBソス@ソスソスソスソスが信ソスソスソスナゑソスソス驪ォソスEソスフ外ソスソスソスノ出ソスト行ソスソスソスソスソスニゑソスソスソスソスツゑソスソスソスソスAソスソスソスSソスフ茨ソスフ外ソスソスソスフ具ソスソスノイソスソスソス^ソス[ソスtソスFソス[ソスXソスナ鯉ソスソスソスソスソスソスソス鼾ソスヘ抵ソスソスモゑソスソスト会ソスソスソスソスソスソスB
ソスソスソスソスソスノゑソスソスソスソス髑シソスフ脆弱性ソスニの依托ソスソスヨ係
| ソスヒ托ソスソスヨ係 | ソスレ搾ソス |
|---|---|
| ソスヒ托ソスソスI | ソスソスソスフ脆弱性ソスソスソスソスソスンゑソスソス驍アソスニにゑソス阡ュソスソス |
ソスヨ係ソスソス
| Nature | Type | ID | Name | View(s) this relationship pertains to |
|---|---|---|---|---|
| ChildOf | Category | 199 | Information Management Errors | Development Concepts (primary)699 |
| ChildOf | Weakness Class | 668 | Exposure of Resource to Wrong Sphere | Research Concepts (primary)1000 |
| ChildOf | Category | 717 | OWASP Top Ten 2007 Category A6 - Information Leakage and Improper Error Handling | Weaknesses in OWASP Top Ten (2007) (primary)629 |
| ParentOf | Weakness Variant | 201 | Information Exposure Through Sent Data | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Variant | 202 | Privacy Leak through Data Queries | Development Concepts (primary)699 |
| ParentOf | Weakness Class | 203 | Information Exposure Through Discrepancy | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Base | 209 | Information Exposure Through an Error Message | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Base | 212 | Improper Cross-boundary Removal of Sensitive Data | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Base | 213 | Intended Information Leak | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Variant | 214 | Process Environment Information Leak | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Variant | 215 | Information Exposure Through Debug Information | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Base | 226 | Sensitive Information Uncleared Before Release | Development Concepts (primary)699 |
| Research Concepts1000 | ||||
| ParentOf | Weakness Class | 359 | Privacy Violation | Research Concepts (primary)1000 |
| ParentOf | Weakness Variant | 497 | Exposure of System Data to an Unauthorized Control Sphere | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Variant | 524 | Information Leak Through Caching | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Variant | 526 | Information Leak Through Environmental Variables | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Base | 538 | File and Directory Information Exposure | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Variant | 598 | Information Leak Through Query Strings in GET Request | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| ParentOf | Weakness Variant | 612 | Information Leak Through Indexing of Private Data | Development Concepts (primary)699 |
| Research Concepts (primary)1000 | ||||
| MemberOf | View | 635 | Weaknesses Used by NVD | Weaknesses Used by NVD (primary)635 |
| CanFollow | Weakness Variant | 498 | Information Leak through Class Cloning | Development Concepts699 |
| Research Concepts1000 | ||||
| CanFollow | Weakness Variant | 499 | Serializable Class Containing Sensitive Data | Development Concepts699 |
| Research Concepts1000 |
ソスソスソスgソスDソスナの包ソスソスソス
| ソスgソスDソスソスソスワゑソスソスヘ組ソスDソスナの包ソスソスソス | ソスmソス[ソスh ID | CWEソスフ包ソスソズとの適ソスソスソスx | ソスソスソズ厄ソス |
|---|---|---|---|
| PLOVER | Information Leak (information disclosure) | ||
| OWASP Top Ten 2007 | A6 | CWE ソスフ包ソスソスソスソスレ搾ソス | Information Leakage and Improper Error Handling |
| WASC | 13 | Information Leakage |
ソスヨ連ソスソスソスソスUソスソスソスpソス^ソス[ソスソス
| CAPEC-ID | ソスUソスソスソスpソス^ソス[ソスソスソスソス (CAPEC Version 1.5) |
|---|---|
| 13 | Subverting Environment Variable Values |
| 22 | Exploiting Trust in Client (aka Make the Client Invisible) |
| 59 | Session Credential Falsification through Prediction |
| 60 | Reusing Session IDs (aka Session Replay) |
| 79 | Using Slashes in Alternate Encoding |
| 281 | Analytic Attacks |
ソスXソスVソスソスソスソス
[2011ソスN04ソスソス21ソスソス]
2010ソスN10ソスソス12ソスソスソスソスソス_ソスフデソス[ソス^ソスソスソスソスソスノ更ソスV
[2009ソスN06ソスソス29ソスソス]
2009ソスN02ソスソス02ソスソスソスソスソス_ソスフ会ソスソスL URL ソスソスソスソスソスノ作成
http://cwe.mitre.org/data/definitions/200.html
ソスoソス^ソスソス 2011/04/21
ソスナ終ソスXソスVソスソス 2023/04/04
