👁️

Exposure of Sensitive Information to an Unauthorized Actor

🛡️ 14 개의 규칙이 이를 탐지합니다

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

There are many different kinds of mistakes that introduce information exposures. The severity of the error can range widely, depending on the context in which the product operates, the type of sensitive information that is revealed, and the benefits it may provide to an attacker.

보급률

높음

자주 악용됨

영향

치명적

4개의 치명적 심각도 규칙

예방

문서화됨

14개의 수정 예시

2 예방

이 취약점을 수정하는 방법

14개의 Shoulder 탐지 규칙을 기반으로 한 Information Exposure 예방 전략.

🐹 Go 모두 보기 Go 자세히 →

Environment Variable Secret Exposure HIGH

Use environment variables for configuration only; never log or return their values

+5 -1 go

  package main
  
  import (
      "log"
      "os"
  )
  
  func main() {
      apiKey := os.Getenv("API_KEY")
-     log.Printf("API Key: %s", apiKey)
+     if apiKey == "" {
+         log.Fatal("API_KEY not configured")
+     }
+     log.Println("API key configured:", len(apiKey) > 0)
+     // Use apiKey internally, never log or return it
  }

LLM Model Theft HIGH

Store API keys in environment variables, never log them, and protect model endpoints with authentication

+5 -3 go

- client := openai.NewClient("sk-proj-1234567890abcdefghijklmnop")
- log.Printf("Using key: %s", apiKey)
- http.Handle("/models/", http.FileServer(http.Dir("./models")))
+ client := openai.NewClient(os.Getenv("OPENAI_API_KEY"))
+ log.Printf("Request completed: model=%s tokens=%d", model, usage.TotalTokens)
+ 
+ modelsHandler := http.FileServer(http.Dir("./models"))
+ http.Handle("/models/", authMiddleware(rateLimiter(modelsHandler)))

LLM Sensitive Information Disclosure HIGH

Mask PII and redact credentials before sending data to LLM APIs, and use structured logging

+7 -6 go

- resp, _ := client.CreateChatCompletion(ctx, openai.ChatCompletionRequest{
-     Messages: []openai.ChatCompletionMessage{{
-         Content: fmt.Sprintf("User SSN: %s, Password: %s", user.SSN, password),
-     }},
- })
- log.Printf("Request: %v", messages)
+ safeMessage := maskPII(userInput)
+ safeMessage = redactCredentials(safeMessage)
+ 
+ resp, _ := client.CreateChatCompletion(ctx, openai.ChatCompletionRequest{
+     Messages: []openai.ChatCompletionMessage{{Content: safeMessage}},
+ })
+ log.Printf("Completed: model=%s tokens=%d", model, resp.Usage.TotalTokens)

🟨 JavaScript 모두 보기 JavaScript 자세히 →

Environment Variable Secret Exposure HIGH

Use secrets internally without exposing them in logs, responses, or client-side code

+4 -3 javascript

- app.get('/config', (req, res) => {
-   res.json({ apiKey: process.env.API_KEY });
- });
+ const apiKey = process.env.API_KEY;
+ // Use the key server-side only
+ const result = await externalApi.call({ key: apiKey });
+ res.json({ data: result });

LLM Model Theft HIGH

Load API keys from environment variables and proxy LLM calls through your server

+1 -1 javascript

  const openai = new OpenAI({
-   apiKey: 'sk-proj-1234567890abcdefghijklmnop'
+   apiKey: process.env.OPENAI_API_KEY
  });

LLM Sensitive Information Disclosure HIGH

Mask or redact PII and credentials before sending data to LLM APIs

+3 -2 javascript

- const response = await openai.chat.completions.create({
-   messages: [{ role: 'user', content: `Process: ${userRecord}` }]
+ const masked = maskPII(userRecord);
+ const response = await openai.chat.completions.create({
+   messages: [{ role: 'user', content: `Process: ${masked}` }]
  });

🐍 Python 모두 보기 Python 자세히 →

Information Disclosure MEDIUM

Return generic error messages to users; log detailed errors server-side only

+12 -8 python

- from flask import jsonify
- 
- @app.route('/api/data')
- def handler():
-     try:
-         return jsonify(process())
-     except Exception as e:
-         return jsonify({'error': str(e), 'trace': traceback.format_exc()}), 500
+ import logging
+ from flask import jsonify
+ 
+ logger = logging.getLogger(__name__)
+ 
+ @app.route('/api/data')
+ def handler():
+     try:
+         return jsonify(process())
+     except Exception as e:
+         logger.error(f"Error: {e}", exc_info=True)
+         return jsonify({'error': 'Internal server error'}), 500

LLM Sensitive Information Disclosure HIGH

Use Presidio or similar libraries to anonymize PII before sending data to LLM APIs

+14 -6 python

- messages = [{
-     'role': 'user',
-     'content': f"User SSN: {user.ssn}, email: {user.email}. Summarize profile."
- }]
- logging.info(f"Request: {messages}")
- response = openai.chat.completions.create(model='gpt-4', messages=messages)
+ from presidio_analyzer import AnalyzerEngine
+ from presidio_anonymizer import AnonymizerEngine
+ 
+ analyzer = AnalyzerEngine()
+ anonymizer = AnonymizerEngine()
+ 
+ def anonymize_text(text: str) -> str:
+     results = analyzer.analyze(text=text, language='en')
+     return anonymizer.anonymize(text=text, analyzer_results=results).text
+ 
+ safe_message = anonymize_text(user_message)
+ messages = [{'role': 'user', 'content': safe_message}]
+ response = openai.chat.completions.create(model='gpt-4', messages=messages)
+ logger.info('Completed', extra={'model': 'gpt-4', 'tokens': response.usage.total_tokens})

Sensitive Field Exposure in API Response CRITICAL

Use explicit field selection or serializer schemas to exclude sensitive fields from responses

+5 -1 python

  from flask import jsonify
  from models import User
  
  @app.route('/api/users')
  def get_users():
      users = User.query.all()
-     return jsonify([u.__dict__ for u in users])
+     return jsonify([{
+         'id': u.id,
+         'email': u.email,
+         'name': u.name
+     } for u in users])

3 탐지

코드에서 취약점 찾기

Shoulder를 사용하여 코드에서 Exposure of Sensitive Information to an Unauthorized Actor 패턴을 스캔하세요. 14 규칙.

터미널

# Scan with Shoulder CLI
npx @shoulderdev/cli trust --cwe=200

# Or scan entire project
npx @shoulderdev/cli trust .

탐지 규칙 (14)

🟨 Javascript 5 rules

Environment Variable Secret Exposure HIGH

Detects when environment variables (which may contain secrets like API keys, passwords, tokens) are leaked through logging, HTTP responses, or external requests. Environment variables commonly store sensitive data: - API keys (AWS_ACCESS_KEY_ID, STRIPE_SECRET_KEY) - Database passwords (DB_PASSWORD, DATABASE_URL) - JWT secrets (JWT_SECRET) - OAuth tokens (GITHUB_TOKEN, SLACK_TOKEN) Leaking these values exposes credentials and allows unauthorized access. This rule uses taint flow analysis to de

LLM Model Theft HIGH

Detects vulnerabilities that could lead to model theft or API key exposure. OWASP LLM10 - Model Theft. Model theft can occur through: - API key exposure in client-side code or logs - Model weights exposed via insecure endpoints - Model extraction attacks via unrestricted API access - Insecure model serialization and storage - Missing access controls on model endpoints This rule detects: - Hardcoded API keys in source code - API keys in client-side JavaScript - Model files served without authen

LLM Sensitive Information Disclosure HIGH

Detects potential sensitive information disclosure in AI/LLM implementations. OWASP LLM06 - Sensitive Information Disclosure. Sensitive information can be leaked through: - PII (Personal Identifiable Information) in prompts - Credentials or secrets in prompts or system messages - Sensitive business data sent to third-party LLM APIs - Logging LLM conversations containing sensitive data - LLM responses exposed without filtering This rule detects: - Sensitive data patterns in LLM prompts - Creden

Sensitive Field Exposure in API Response CRITICAL

Detects when sensitive data fields (passwords, tokens, secrets, API keys) are exposed through API endpoint responses. This commonly happens when: 1. Mapping user data with sensitive fields: `.map(u => ({ password: u.password }))` 2. Returning entire user objects: `res.json(user)` where user has password field 3. Including sensitive fields in response objects: `res.json({ password: user.password })` This is particularly dangerous when AI-generated code returns user collections without filtering

Prisma Sensitive Field Exposure CRITICAL

Prisma returns all fields by default. Without 'select' or 'omit', password hashes and API tokens can leak to clients.

🔷 Typescript 5 rules

Environment Variable Secret Exposure HIGH

LLM Model Theft HIGH

LLM Sensitive Information Disclosure HIGH

Sensitive Field Exposure in API Response CRITICAL

Prisma Sensitive Field Exposure CRITICAL

Prisma returns all fields by default. Without 'select' or 'omit', password hashes and API tokens can leak to clients.

🐍 Python 5 rules

Information Disclosure MEDIUM

Detects information disclosure vulnerabilities: debug mode enabled, exposing stack traces, returning detailed error messages, or leaking sensitive data.

LLM Model Theft HIGH

Detects vulnerabilities that could lead to model theft or API key exposure. OWASP LLM10 - Model Theft. Model theft can occur through: - API key exposure in source code or logs - Model weights exposed via insecure endpoints - Model extraction attacks via unrestricted API access - Insecure model serialization and storage

LLM Sensitive Information Disclosure HIGH

Sensitive Field Exposure in API Response CRITICAL

Detects when sensitive data fields (passwords, tokens, secrets) are exposed through API endpoint responses. This commonly happens when: 1. Returning user dictionaries with sensitive fields 2. Serializing ORM objects without excluding sensitive fields 3. Including sensitive fields in JSON responses Security Impact: - Password hash exposure enabling offline cracking attacks - API key/token leakage allowing account takeover - Session token exposure enabling session hijacking - PII disclosure viol

Server Information Disclosure LOW

Detects server configuration that exposes version information, framework details, or other implementation details through HTTP headers. This information helps attackers identify known vulnerabilities in specific versions.

🐹 Go 4 rules

Environment Variable Secret Exposure HIGH

Environment variables containing secrets flow to logs or HTTP responses.

LLM Model Theft HIGH

Detects vulnerabilities leading to model theft or API key exposure such as hardcoded keys or insecure model endpoints.

LLM Sensitive Information Disclosure HIGH

Detects sensitive information disclosure in AI/LLM implementations such as credentials or PII in prompts.

Sensitive Field Exposure in API Response CRITICAL

Sensitive fields like password, token, or apiKey included in HTTP responses.

4 경고 신호

코드 리뷰에서 주의할 점

이 패턴은 잠재적인 Exposure of Sensitive Information to an Unauthorized Actor 취약점을 나타냅니다. 코드 리뷰와 보안 감사 중에 찾아보세요.

🟠

Model theft vulnerability: ... go-llm-model-theft

🟠

vulnerabilities leading to model theft or API key exposure such as hardcoded keys or insecure model go-llm-model-theft

🟠

Potential sensitive information disclosure: ... go-llm-sensitive-info-disclosure

🟠

sensitive information disclosure in AI/LLM implementations such as credentials or PII in prompts go-llm-sensitive-info-disclosure

🟠

when environment variables (which may contain secrets like API keys, passwords, tokens) are leaked t javascript-env-vars-secret-exposure

🟠

vulnerabilities that could lead to model theft or API key exposure javascript-llm-model-theft

🟠

potential sensitive information disclosure in AI/LLM implementations javascript-llm-sensitive-info-disclosure

🟡

information disclosure vulnerabilities: debug mode enabled, exposing stack traces, returning detaile python-information-disclosure

🔍

코드베이스를 스캔하세요: Exposure of Sensitive Information to an Unauthorized Actor

Shoulder CLI는 전체 코드베이스에서 취약한 패턴을 찾아냅니다.

npx shoulder trust 모든 규칙 보기

참조

결과

애플리케이션 데이터 읽기 파일 또는 디렉터리 읽기

OWASP Top 10

Broken Access Control

A01:2021-Broken Access Control

→

영향받는 프레임워크

flask 5 rules

django 5 rules

nodejs 4 rules

express 4 rules

fastapi 4 rules

fastify 3 rules

gin 2 rules

echo 2 rules

Shoulder 커버리지

탐지 규칙 14

치명적 규칙 4

언어 go, javascript, typescript, python

MITRE 완화 조치

신뢰 경계를 명확히 그을 수 있는 안전한 영역을 갖도록 시스템을 구획화하세요
오류 메시지에는 대상 사용자에게 필요한 최소한의 정보만 포함하도록 하세요

자세히 알아보기

MITRE CWE-200 ↗ OWASP Broken Access Control ↗