Application Error

Severity:: Medium

Description

Unhandled exceptions pose two primary risks. Firstly, they can lead to denial of service by causing memory leaks or excessive resource consumption. Secondly, they may leak sensitive information through error messages, which attackers can exploit to target the application.

Recommendation

To mitigate risks associated with unhandled exceptions, ensure proper exception handling for all scenarios and display generic error messages to users.

References

OWASP: Error Handling Cheat Sheet
CWE-200
CWE-209
CAPEC-118
OWASP 2021-A5

Related Issues

Application and Database Error - Vulnerability
Detailed Application and Database Error - Vulnerability
Detailed Application Error - Vulnerability
Database Error - Vulnerability

Tags:: Information Disclosure; Denial of Service; Error Handling

Anything's wrong? Let us know Last updated on May 13, 2024