CWE-313 - Cleartext Storage in a File or on Disk

Weakness Name

Cleartext Storage in a File or on Disk

Description

The product stores sensitive information in cleartext in a file, or on disk.

The sensitive information could be read by attackers with access to the file, or with physical or administrator access to the raw disk. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.

Common Consequences

Related Weaknesses

CWE-312Cleartext Storage of Sensitive Information