SYM_CONF_0088 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Insufficient Logging
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-778: Insufficient Logging |
| OWASP | A10:2017 - Insufficient Logging & Monitoring |
| Confidence Level | Medium |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The Azure App Service resource is not configured to enable detailed error messages in its logging settings. This means important error details may not be captured, making troubleshooting and security monitoring more difficult.
Impact
Without detailed error messages, it can be harder to detect and investigate issues or attacks, potentially allowing malicious activity to go unnoticed and delaying response to incidents. This can increase operational risk and hinder compliance efforts.