Tag: information-leak
Connections that use insecure protocols transmit data in cleartext, which can leak sensitive information.
Encryption that is dependent on conditional logic, such as an if...then
clause, might cause unencrypted sensitive data to be stored.
Sensitive information should not be exposed through log files or stack traces.
Credentials that are stored in clear text can be intercepted by a malicious actor.
Weak file permissions can lead to privilege escalation.
Client-side decryption followed by reencryption is inefficient and can lead to sensitive data leaks.