The product makes sensitive information available to someone who isn't explicitly permitted to access it.
CWE-200 arises when confidential information (e.g., application systems and network information, user-supplied data such as names email addresses) is made available to individuals who are not authorized to see it.
This flaw could be the outcome of various issues involving the disclosure of sensitive information. When the following conditions exist, the information is considered sensitive: It is sensitive within the product's operations (e.g., information with restricted access, private messages, etc.) It includes information about the product, its environment, or connected systems that the application is not supposed to reveal. The application relies on sensitive information-containing resources (e.g., databases) and inadvertently reveals how an unauthorized person could access such resources.
This code tries to connect to a database and prints any errors it encounters. Example Language: Java
If an error occurs, the reported message reveals the location of the script's configuration file. An attacker can use this information to target the configuration file (perhaps exploiting a Path Traversal weakness). If the attacker can read the file, they will access the database's credentials.
The fundamental strategy for protecting sensitive data is to use secure storage and access techniques. However, information assets must first be identified to identify what should be secured and how it should be protected. Divide the system into "safe" zones where clear trust lines can be drawn. Allowing sensitive data to leave the trust boundary is not a good idea, and always be cautious when interacting with a division outside of the secure zone. Never keep/store log files with world-readable permissions; Architects and designers should utilize the principle of least privilege to determine whether privileges should be used and when they should be discarded.