Read Time:24 Second
Description
The software stores sensitive information in a file system or device that does not have built-in access control.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit:
Related Weaknesses
Consequences
Confidentiality: Read Application Data, Read Files or Directories
Attackers can read sensitive information by accessing the unrestricted storage mechanism.
Integrity: Modify Application Data, Modify Files or Directories
Attackers can modify or delete sensitive information by accessing the unrestricted storage mechanism.
Potential Mitigations
CVE References