1. Home
  2. Weaknesses
  3. CWE-220

CWE-220: Storage of File With Sensitive Data Under FTP Root

ID CWE-220
Abstraction Variant
Structure Simple
Status Draft
Detail Web & Social
The product stores sensitive data under the FTP server root with insufficient access control, which might make it accessible to untrusted parties.

Modes of Introduction

Phase Note
Operation
Architecture and Design COMMISSION: This weakness refers to an incorrect design related to an architectural security tactic.

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-552 Files or Directories Accessible to External Parties Base Simple Draft