Read Time:21 Second

Description

The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-200

 

Consequences

Confidentiality: Read Files or Directories

 

Potential Mitigations

Phase: Architecture and Design, Operation, System Configuration

Description: 

Do not expose file and directory information to the user.

CVE References