Course: Exposure of System Data to an Unauthorized Control Sphere (CWE-497)

Course: Exposure of System Data to an Unauthorized Control Sphere (CWE-497)

Cover

In this course, we will look at CWE-497, which discusses the weaknesses caused by exposure of system data to an unauthorized control sphere.

The course begins with an overview of the weakness caused by exposure of system data to an unauthorized control sphere. The course describes the security impact of the weakness and a technical description of the issue at hand is presented along with code examples to demonstrate the vulnerability. Finally, the course describes the remediation strategies available to mitigate the weakness described by CWE-497.

At the end of this course, you will be able to:

  • Describe the weaknesses caused when an application exposes system information to untrusted entities.
  • Explain the security impact of system data exposure to an unauthorized control sphere.
  • Describe how sensitive data in error messages and differences in error messages can enable security attacks.
  • Describe the remediation strategies to mitigate the weaknesses described by CWE-497.
Vendor:
Klocwork
Premiered:
Nov 8, 2013
Format:
Multimedia
Type:
Webcast
Language:
English
Already a Bitpipe member? Login here

Download this Webcast!

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy