NIST 800-53 r5 · Controls catalogue · Family AU
AU-13Monitoring for Information Disclosure
Monitor {{ insert: param, au-13_odp.01 }} {{ insert: param, au-13_odp.02 }} for evidence of unauthorized disclosure of organizational information; and If an information disclosure is discovered: Notify {{ insert: param, au-13_odp.03 }} ; and Take the following additional actions: {{ insert: param, au-13_odp.04 }}.
Last updated: 19 May 2026 14:18 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (0)
- No ATT&CK techniques mapped to this control yet.
Weaknesses this control addresses (6)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor | 10,259 | Monitoring directly detects unauthorized disclosure of sensitive information, enabling response to exposures. |
CWE-532 | Insertion of Sensitive Information into Log File | 1,390 | Identifies insertion of sensitive data into logs, allowing detection of unauthorized disclosure. |
CWE-209 | Generation of Error Message Containing Sensitive Information | 648 | Detects error messages that leak sensitive information as evidence of disclosure. |
CWE-538 | Insertion of Sensitive Information into Externally-Accessible File or Directory | 84 | Monitors for sensitive information placed in externally accessible files or directories. |
CWE-548 | Exposure of Information Through Directory Listing | 55 | Detects information exposure through directory listings as unauthorized disclosure. |
CWE-1230 | Exposure of Sensitive Information Through Metadata | 22 | Identifies sensitive information exposed via metadata during disclosure monitoring. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
CVE-2026-22038 | 1.6 | 8.1 | 0.0011 | good |
CVE-2026-25813 | 1.5 | 7.5 | 0.0005 | good |
CVE-2025-24071 | 5.7 | 6.5 | 0.7352 | good |
CVE-2025-24146 | 2.0 | 9.8 | 0.0020 | good |
CVE-2025-15480 | 1.8 | 9.1 | 0.0006 | good |
CVE-2026-21532 | 1.6 | 8.2 | 0.0006 | good |
CVE-2025-26001 | 1.5 | 7.5 | 0.0053 | good |
CVE-2024-34897 | 1.5 | 7.5 | 0.0028 | good |
CVE-2026-27934 | 1.5 | 7.5 | 0.0006 | good |
CVE-2026-5032 UPD | 1.5 | 7.5 | 0.0006 | good |
CVE-2026-27640 | 1.5 | 7.5 | 0.0005 | good |
CVE-2026-20649 | 1.5 | 7.5 | 0.0003 | good |
CVE-2023-38272 | 1.2 | 5.9 | 0.0023 | good |
CVE-2026-5571 UPD | 1.1 | 5.3 | 0.0005 | good |
CVE-2024-13086 | 1.1 | 5.3 | 0.0016 | good |
CVE-2023-38713 | 1.1 | 5.3 | 0.0010 | good |
CVE-2024-28766 | 0.5 | 2.4 | 0.0009 | good |
CVE-2025-11749 | 7.1 | 9.8 | 0.8539 | good |
CVE-2025-13801 | 5.1 | 7.5 | 0.5960 | good |
CVE-2025-2292 | 4.5 | 6.5 | 0.5280 | good |
CVE-2024-48455 | 4.3 | 2.7 | 0.6349 | good |
CVE-2026-2493 | 4.2 | 7.5 | 0.4459 | good |
CVE-2025-24799 | 3.2 | 7.5 | 0.2884 | partial |
CVE-2024-56902 | 3.1 | 7.5 | 0.2649 | good |
CVE-2024-13609 | 2.2 | 5.9 | 0.1770 | good |