VariantIncomplete

CWE-529Exposure of Access Control List Files to an Unauthorized Control Sphere

Category: auth

Description

The product stores access control list files in a directory or other container that is accessible to actors outside of the intended control sphere. Exposure of these access control list files may give the attacker information about the configuration of the site or system. This information may then be used to bypass the intended security policy or identify trusted systems from which an attack can be launched.

Common consequences· 1

  • Confidentiality / Access Control — Read Application Data, Bypass Protection Mechanism

Potential mitigations· 1

  • [System Configuration]Protect access control list files.

References

  1. https://cwe.mitre.org/data/definitions/529.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Files or Directories Accessible to External Parties
CWE
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CWE
Exposure of Information Through Directory Listing
CWE
Insertion of Sensitive Information into Externally-Accessible File or Directory
CWE
Improper Access Control
CWE
Password in Configuration File
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.