Inclusion of Sensitive Information in Source Code

Status: Incomplete
Abstraction: Base
Structure: Simple
Description

Source code on a web server or repository often contains sensitive information and should generally not be accessible to users.

Extended Description

There are situations where it is critical to remove source code from an area or server. For example, obtaining Perl source code on a system allows an attacker to understand the logic of the script and extract extremely useful information such as code bugs or logins and passwords.

Common Consequences
Scope: Confidentiality

Impact: Read Application Data

Potential Mitigations
Phase: Architecture and Design; System Configuration
Recommendations include removing this script from the web server and moving it to a location not accessible from the Internet.
Demonstrative Examples

ID : DX-104

The following code uses an include file to store database credentials:
[Code example: database.inc (Bad, PHP)]

[Code example: login.php (Bad, PHP)]

If the server does not have an explicit handler set for .inc files it may send the contents of database.inc to an attacker without pre-processing, if the attacker requests the file directly. This will expose the database name and password.
The following comment, embedded in a JSP, will be displayed in the resulting HTML output.

[Code example: JSP (Bad)]

Observed Examples
CVE-2022-25512: Server for Team Awareness Kit (TAK) application includes sensitive tokens in the JavaScript source code.
CVE-2022-24867: The LDAP password might be visible in the HTML code of a rendered page in an IT Asset Management tool.
CVE-2007-6197: Version numbers and internal hostnames leaked in HTML comments.
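As an added illustration (not part of the CWE entry) of how a defender can check for the two patterns described above, the unprocessed .inc file holding credentials and the HTML comment that leaks hostnames or versions, the following Python audits a constructed in-memory web root. File names, contents and keyword lists are assumptions chosen to mirror the examples, not the entry's own listings.

```python
import re

# Constructed sample web root (path -> contents); made-up files mirroring
# the CWE-540 patterns, not the entry's own database.inc / login.php.
SAMPLE_WEBROOT = {
    "database.inc": "<?php\n$dbName = 'users';\n$dbPassword = 'example-secret';\n?>",
    "login.php": "<?php\ninclude('database.inc');\n"
                 "$db = new PDO(\"mysql:host=localhost;dbname=$dbName\", 'app', $dbPassword);\n?>",
    "index.html": "<!-- build 4.2.1 on intranet-db01 --><html><body>hi</body></html>",
    "about.html": "<!-- page footer --><html></html>",
}

# Extensions a web server may serve as plain text when no handler is set.
RAW_SERVED_EXTENSIONS = (".inc",)
# PHP variable assignments whose names suggest a credential.
SECRET_NAME_RE = re.compile(r"\$(\w*(?:pass|pwd|secret|token|key)\w*)\s*=", re.I)
# Terms (or a dotted version number) that make a shipped HTML comment sensitive.
COMMENT_TERM_RE = re.compile(
    r"\b(pass(?:word)?|pwd|token|build|version|host|intranet)\b|\d+\.\d+\.\d+", re.I)
HTML_COMMENT_RE = re.compile(r"<!--(.*?)-->", re.S)


def secret_assignments(php_source):
    """Names of variables assigned in PHP source that look like secrets."""
    return SECRET_NAME_RE.findall(php_source)


def sensitive_html_comments(html):
    """HTML comments (whitespace stripped) that mention a credential, host or version."""
    return [c.strip() for c in HTML_COMMENT_RE.findall(html) if COMMENT_TERM_RE.search(c)]


def audit_webroot(files):
    """Audit {path: contents}; returns {path: [findings]} for files needing attention."""
    findings = {}
    for path, content in files.items():
        issues = []
        if path.lower().endswith(RAW_SERVED_EXTENSIONS):
            issues.append("include file inside web root; may be served unprocessed")
        if path.lower().endswith((".inc", ".php")):
            for name in secret_assignments(content):
                issues.append(f"secret-looking assignment to ${name}")
        for comment in sensitive_html_comments(content):
            issues.append(f"sensitive HTML comment: {comment}")
        if issues:
            findings[path] = issues
    return findings


if __name__ == "__main__":
    for path, issues in audit_webroot(SAMPLE_WEBROOT).items():
        print(path, issues)
```

The audit flags database.inc twice (reachable under the web root, and holding a password assignment) and index.html once for its comment, while login.php and about.html pass; moving the include outside the document root or adding a handler for .inc, and stripping such comments before deployment, clears both findings.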
Modes of Introduction
Implementation