...
- It can be proved that the code is free from other errors that can expose the sensitive data.
- Attackers lack physical access to the target machine.
Related Guidelines
| MITRE 2009CWE | CWE ID 215, Information exposure through debug information CWE ID 226, Sensitive information uncleared before release CWE ID 524, Information exposure through caching CWE ID 526, Information exposure through environmental variables CWE ID 528, Exposure of core dump file to an unauthorized control sphere CWE ID 534, Information exposure through debug log files |
...