CCC.AUDITLOG.TH05: Logging Evasion via violating size constraints
Threat ID:CCC.AUDITLOG.TH05
Title:Logging Evasion via violating size constraints
Description:
An attacker can evade detection by intentionally crafting input that violates the size constraints of a clouds audit logging mechanism. Many systems impose a maximum size limit on individual log entries. By performing an action with oversized data such as whitespace or Unicode injection, the resulting log event, which often includes the offending data, exceeds this limit, which often is redacted in the audit logs.
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.F03 | Access Log Publication | The service automatically publishes structured, verbose records of activities performed within the scope of the service by external actors. |
| CCC.Core.F10 | Log Publication | The service automatically publishes structured, verbose records of activities, operations, or events that occur within the service. |
External Mappings
| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
OWASPTOP10 | A09:2021 | 0 | - |
CWE | CWE-778 | 0 | Insufficient Logging |
CWE | CWE-223 | 0 | Omission of Security-Relevant Information |
CWE | CWE-20 | 0 | - |