CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory

CWE-538

Abstraction:
Base

Structure:
Simple

Status:
Draft

Weakness Name: Insertion of Sensitive Information into Externally-Accessible File or Directory

Description: The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.

Common Consequences: Scope: Confidentiality
Impact: Read Files or Directories

Related Weaknesses: CWE-200Exposure of Sensitive Information to an Unauthorized ActorHigh

Related Alerts: Hidden File FoundMedium

Release Date:
2006-07-19

Latest Modification Date:
2023-10-26

Free security scan for your website

Don't show website scan report rating on the leaderboard