CWE-220: Storage of File With Sensitive Data Under FTP Root
ID
CWE-220
Abstraction
Variant
Structure
Simple
Status
Draft
The product stores sensitive data under the FTP server root with insufficient access control, which might make it accessible to untrusted parties.
Modes of Introduction
Phase | Note |
---|---|
Operation | |
Architecture and Design | COMMISSION: This weakness refers to an incorrect design related to an architectural security tactic. |
Applicable Platforms
Type | Class | Name | Prevalence |
---|---|---|---|
Language | Not Language-Specific |
Loading...