Read Time:21 Second
Description
The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Confidentiality: Read Files or Directories
Potential Mitigations
Phase: Architecture and Design, Operation, System Configuration
Description:
Do not expose file and directory information to the user.