Insufficient Logging Abuse
Variants:
Direct
Also Known As:
Insufficient Logging
Vector Type:
Vulnerability
Relevance:
Generic
Layer:
Application-Level, Web-Infrastructure-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Logging
Invented In:
01/01/1999
Added In:
21/12/2014
Vector Operation Method:
Attackers can abuse the lack of sufficient security event logging to attack applications without being held responsible, and avoid detection long enough to complete the attack process.
