The attacker must understand how the logging mechanism works.
Optionally, the attacker must know the location and the format of individual entries of the log files.
Nom de la faiblesse | |
---|---|
CWE-117 |
Improper Output Neutralization for Logs The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file. |
Nom | Organisation | Date | Date de publication |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation |
Nom | Organisation | Date | Commentaire |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses | |
CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings | |
CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns, Taxonomy_Mappings |