CWE-11 – ASP.NET Misconfiguration: Creating Debug Binary | Common Weakness Enumeration (CWE)

Overview

CWE-11 (ASP.NET Misconfiguration: Creating Debug Binary) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.

Security impact: Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.

Description

Debugging messages help attackers learn about the system and plan a form of attack.

Background details

Extended context from the CWE catalog (rendered from MITRE XHTML).

The debug attribute of the <compilation> tag defines whether compiled binaries should include debugging information. The use of debug binaries causes an application to provide as much information about itself as possible to the user.

Applicable platforms

Kind	Name	Class	Prevalence	OS / CPE
language	ASP.NET	—	Undetermined	—

Related CVEs in this database

These CVEs are mapped to this weakness in this database and kept for traceability and search.

CVE	Published	Summary
CVE-2024-48008	2024-12-13	Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low privileged remote attacker could potentially exploit this vulnerability leading to information disclo…
CVE-2021-35235	2021-10-26	The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NE…

Content submission

Name: 7 Pernicious Kingdoms
Date: 2006-07-19
Version: Draft 3

Content modifications

Date	Name	Version	Importance	Comment
2008-07-01	Eric Dalci	1.0	—	updated Demonstrative_Example, Potential_Mitigations, Time_of_Introduction
2008-09-08	CWE Content Team	1.0	—	updated Relationships, Other_Notes, Taxonomy_Mappings
2008-11-24	CWE Content Team	1.1	—	updated Description, Other_Notes
2009-07-27	CWE Content Team	1.5	—	updated Background_Details, Common_Consequences, Demonstrative_Examples, Description, Other_Notes
2011-06-01	CWE Content Team	1.13	—	updated Common_Consequences
2011-06-27	CWE Content Team	2.0	—	updated Common_Consequences
2012-05-11	CWE Content Team	2.2	—	updated Relationships
2013-02-21	CWE Content Team	2.4	—	updated Potential_Mitigations
2014-07-30	CWE Content Team	2.8	—	updated Relationships
2017-11-08	CWE Content Team	3.0	—	updated Relationships
2020-02-24	CWE Content Team	4.0	—	updated References, Relationships, Time_of_Introduction
2021-10-28	CWE Content Team	4.6	—	updated Relationships
2023-04-27	CWE Content Team	4.11	—	updated Detection_Factors, Relationships
2023-06-29	CWE Content Team	4.12	—	updated Mapping_Notes
2025-12-11	CWE Content Team	4.19	—	updated References, Relationships, Weakness_Ordinalities