Information Loss or Omission

Incomplete Class
Structure: Simple
Description

The product does not record, or improperly records, security-relevant information that leads to an incorrect decision or hampers later analysis.

Extended Description

This weakness can be resultant; for example, a buffer overflow might trigger a crash before the product can log the event.

Common Consequences 1
Scope: Non-Repudiation

Impact: Hide Activities

Demonstrative Examples 1

ID : DX-174

This code logs suspicious multiple login attempts.

Code Example (Bad, PHP):

This code only logs failed login attempts when a certain limit is reached. If an attacker knows this limit, they can keep their attempts below it and avoid having the attack discovered.
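As an added illustration (not the PHP code of DX-174, which is not reproduced here), the following Python sketch contrasts the threshold-only logging pattern with per-attempt logging; MAX_ATTEMPTS, the account name and the log line formats are constructed assumptions, and the credential check is a stand-in.

```python
"""Added example: why logging failures only past a threshold omits security-relevant events."""
from dataclasses import dataclass, field

MAX_ATTEMPTS = 10  # assumed lockout/alert threshold, as in the kind of code the entry describes

@dataclass
class AuthLog:
    attempts: dict = field(default_factory=dict)  # per-user failed-attempt counters
    lines: list = field(default_factory=list)     # what actually reaches the log

def authenticate(user: str, password: str) -> bool:
    # Constructed stand-in for a real credential check.
    return user == "alice" and password == "correct-horse"

def login_threshold_only(log: AuthLog, user: str, password: str) -> bool:
    """Weak pattern: a failure becomes visible only once the counter exceeds
    MAX_ATTEMPTS. Attempts that stay under the limit leave no trace at all."""
    if authenticate(user, password):
        return True
    log.attempts[user] = log.attempts.get(user, 0) + 1
    if log.attempts[user] > MAX_ATTEMPTS:
        log.lines.append(f"Multiple login attempts by {user}")
    return False

def login_per_attempt(log: AuthLog, user: str, password: str) -> bool:
    """Corrected pattern: every outcome is recorded as it happens, so the record
    stays complete even if the client disconnects before reaching the limit
    (compare CVE-1999-1029). The threshold alert is kept as a second signal."""
    if authenticate(user, password):
        log.lines.append(f"login success user={user}")
        return True
    log.attempts[user] = log.attempts.get(user, 0) + 1
    log.lines.append(f"login failure user={user} count={log.attempts[user]}")
    if log.attempts[user] > MAX_ATTEMPTS:
        log.lines.append(f"alert: threshold exceeded for {user}")
    return False

def simulate(handler, guesses: int) -> int:
    """Send `guesses` wrong passwords for one account; return how many log lines result."""
    log = AuthLog()
    for i in range(guesses):
        handler(log, "alice", f"wrong-{i}")
    return len(log.lines)

if __name__ == "__main__":
    # Exactly at the limit (not past it): the weak handler records nothing.
    print(simulate(login_threshold_only, MAX_ATTEMPTS))  # 0
    print(simulate(login_per_attempt, MAX_ATTEMPTS))     # 10
```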
Observed Examples 5
CVE-2004-2227: Web browser's filename selection dialog only shows the beginning portion of long filenames, which can trick users into launching executables with dangerous extensions.
CVE-2003-0412: Application server does not log the complete URI of a long request (truncation).
CVE-1999-1029: Login attempts are not recorded if the user disconnects before the maximum number of tries.
CVE-2002-0725: Attacker performs malicious actions on a hard link to a file, obscuring the real target file.
CVE-1999-1055: Product does not warn the user when a document contains certain dangerous functions or macros.
Applicable Platforms
Languages: Not Language-Specific (Prevalence: Undetermined)
Modes of Introduction
Architecture and Design
Implementation
Operation
Taxonomy Mapping
  • PLOVER