BaseIncomplete
CWE-921Storage of Sensitive Data in a Mechanism without Access Control
Category: data-exposure
Description
The product stores sensitive information in a file system or device that does not have built-in access control.
Common consequences· 2
- Confidentiality — Read Application Data, Read Files or DirectoriesAttackers can read sensitive information by accessing the unrestricted storage mechanism.
- Integrity — Modify Application Data, Modify Files or DirectoriesAttackers can modify or delete sensitive information by accessing the unrestricted storage mechanism.
References
(incoming)1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-30016cve-2025-30016 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.