CVEbaza.plSłownik CWECWE-11
Common Weakness Enumeration

CWE-11

ASP.NET Misconfiguration: Creating Debug Binary

Kategoria: VariantCVE: 2
Opis

Wiadomości debugowania pomagają atakującym poznać system i zaplanować formę ataku. Ujawnianie informacji o debugowaniu stanowi poważne zagrożenie bezpieczeństwa aplikacji.

Description (EN)

Debugging messages help attackers learn about the system and plan a form of attack.

Podatności CVE z CWE-11 (2)
5.3
CVSS
MEDIUM
CVE-2024-48008

Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low privileged remote attacker could potentially exploit this vulnerability leading to information disclosure ,allowing of unintended actions like reading files that may contain sensitive information

pub. 2024-12-13
5.3
CVSS
MEDIUM
CVE-2021-35235

The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NET to compile applications with extra information. The information enables a debugger to closely monitor and control the execution of an application. If an attacker could successfully start a remote debugging session, this is likely to disclose sensitive information about the web application and supporting infrastructure that may be valuable in targeting SWI with malicious intent.

pub. 2021-10-27
Informacje
ID: CWE-11
Typ: Variant
Podatności: 2
MITRE CWE ↗
← Słownik CWE
CWE-11 — Błędna konfiguracja ASP.NET: Tworzenie binarnego pliku debugowania | Słownik CWE | CVEbaza.pl