
CWE-552 (Files or Directories Accessible to External Parties) — Vulnerability Class 198

198 vulnerabilities classified as CWE-552 (Files or Directories Accessible to External Parties). AI Chinese analysis included.

CWE-552 represents a critical access control weakness where software improperly exposes files or directories to unauthorized external actors. This vulnerability typically arises when applications store sensitive data within a publicly accessible root directory, such as those used by web or FTP servers, without implementing adequate permission restrictions. Attackers exploit this flaw by directly requesting the paths of these unprotected resources, thereby gaining unauthorized access to confidential information like configuration files, user data, or source code. To prevent such breaches, developers must enforce strict access controls, ensuring that only authenticated and authorized users can retrieve specific files. Additionally, separating sensitive data from public web roots and applying robust file permission settings are essential strategies to mitigate the risk of accidental or malicious exposure to external parties.

MITRE CWE Description
The product makes files or directories accessible to unauthorized actors, even though they should not be. Web servers, FTP servers, and similar servers may store a set of files underneath a "root" directory that is accessible to the server's users. Applications may store sensitive files underneath this root without also using access control to limit which users may request those files, if any. Alternately, an application might package multiple files or directories into an archive file (e.g., ZIP or tar), but the application might not exclude sensitive files that are underneath those directories. In cloud technologies and containers, this weakness might present itself in the form of misconfigured storage accounts that can be read or written by a public or anonymous user.
Common Consequences (1)
Scope: Confidentiality, Integrity — Impact: Read Files or Directories, Modify Files or Directories
Mitigations (1)
Phases: Implementation, System Configuration, Operation — When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
Examples (2)
The following Azure command updates the settings for a storage account:
az storage account update --name <storage-account> --resource-group <resource-group> --allow-blob-public-access true
Bad · Shell
az storage account update --name <storage-account> --resource-group <resource-group> --allow-blob-public-access false
Good · Shell
The following Google Cloud Storage command gets the settings for a storage account named 'BUCKET_NAME':
gsutil iam get gs://BUCKET_NAME
Informative · Shell
{
  "bindings": [
    {
      "members": [
        "projectEditor: PROJECT-ID",
        "projectOwner: PROJECT-ID"
      ],
      "role": "roles/storage.legacyBucketOwner"
    },
    {
      "members": [
        "allUsers",
        "projectViewer: PROJECT-ID"
      ],
      "role": "roles/storage.legacyBucketReader"
    }
  ]
}
Bad · JSON
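The policy above is "Bad" because the `allUsers` principal holds `roles/storage.legacyBucketReader`, so anyone on the internet can list and read the bucket. The following is an added example, not part of the MITRE entry or of this page, showing how a defender can audit a policy returned by `gsutil iam get` for public principals and produce a cleaned copy. It goes slightly beyond the page by also treating `allAuthenticatedUsers` as public, since any Google account qualifies for it. The sample policy is the page's own example embedded as a constructed string; the function names are this example's own.

```python
import json

# Principals that make a bucket readable by the public. "allUsers" is the one
# in the page's example; "allAuthenticatedUsers" is treated the same here
# (an assumption of this example) because any Google account satisfies it.
PUBLIC_MEMBERS = frozenset({"allUsers", "allAuthenticatedUsers"})

# Constructed sample: the "Bad" policy shown above, as `gsutil iam get` prints it.
# PROJECT-ID is the placeholder used by the page, not a real project.
SAMPLE_POLICY_JSON = """
{
  "bindings": [
    {"members": ["projectEditor: PROJECT-ID", "projectOwner: PROJECT-ID"],
     "role": "roles/storage.legacyBucketOwner"},
    {"members": ["allUsers", "projectViewer: PROJECT-ID"],
     "role": "roles/storage.legacyBucketReader"}
  ]
}
"""


def find_public_bindings(policy: dict) -> list[tuple[str, str]]:
    """Return (role, member) pairs that grant a role to a public principal."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            if member.strip() in PUBLIC_MEMBERS:
                findings.append((role, member))
    return findings


def remove_public_members(policy: dict) -> dict:
    """Return a copy of the policy with public principals stripped out.

    Other top-level keys (e.g. "etag", "version") are carried over unchanged so
    the result can be fed back with `gsutil iam set`. Bindings that would be left
    with no members are dropped, because an empty binding is not a valid policy.
    """
    cleaned = {k: v for k, v in policy.items() if k != "bindings"}
    bindings = []
    for binding in policy.get("bindings", []):
        members = [m for m in binding.get("members", [])
                   if m.strip() not in PUBLIC_MEMBERS]
        if members:
            bindings.append({**binding, "members": members})
    cleaned["bindings"] = bindings
    return cleaned


def audit_policy_json(text: str) -> list[tuple[str, str]]:
    """Audit a raw JSON policy document and report public grants."""
    return find_public_bindings(json.loads(text))


def clean_policy_json(text: str) -> dict:
    """Parse a raw JSON policy document and return the cleaned policy."""
    return remove_public_members(json.loads(text))


if __name__ == "__main__":
    for role, member in audit_policy_json(SAMPLE_POLICY_JSON):
        print(f"PUBLIC: {member} holds {role}")
    print(json.dumps(clean_policy_json(SAMPLE_POLICY_JSON), indent=2))
```

Run against the sample, the audit reports the single `allUsers` grant on `roles/storage.legacyBucketReader`; the cleaned policy keeps `projectViewer: PROJECT-ID` in that binding and leaves the owner binding untouched. In practice the cleaned document would be reviewed and then applied with `gsutil iam set`, and the audit re-run to confirm no public principal remains.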
CVE ID · Title — Product · CVSS · Severity · Published
CVE-2023-47612 · Telit Cinterion BGS5 security vulnerability — BGS5 · 6.8 · Medium · 2023-11-09
CVE-2023-31017 · CVE — NVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver · 7.8 · High · 2023-11-02
CVE-2023-5101 · SICK APU security vulnerability — APU0200 · 5.3 · Medium · 2023-10-09
CVE-2023-45160 · Elevated Temp Directory Execution in 1E Client — 1E Client · 8.8 · High · 2023-10-05
CVE-2023-20235 · Cisco IOS XE Software security vulnerability — Cisco IOS XE Software · 6.5 · Medium · 2023-10-04
CVE-2023-3712 · Potential user privilege escalation — PM23/43 · 6.6 · Medium · 2023-09-12
CVE-2023-4588 · File accessibility vulnerability in Delinea Secret Server — Secret Server · 6.8 · Medium · 2023-09-06
CVE-2023-4743 · Dreamer CMS file access — CMS · 3.1 · Low · 2023-09-03
CVE-2023-4475 · An Arbitrary File Movement vulnerability was found on the ADM — ADM · 7.5 · High · 2023-08-22
CVE-2023-37551 · CODESYS Files or Directories Accessible to External Parties in CmpApp — CODESYS Control for BeagleBone SL · 6.5 · Medium · 2023-08-03
CVE-2023-32226 · Sysaid - CWE-552: Files or Directories Accessible to External Parties — Sysaid · 8.3 · High · 2023-07-30
CVE-2023-34316 · Delta Electronics InfraSuite Device Master Improper Access Control — Infrasuite Device Master · 6.5 · Medium · 2023-07-10
CVE-2023-2538 · TLS Private Key Accessible to External Parties — s5552_bmc · 5.8 · Medium · 2023-07-05
CVE-2023-32684 · In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file — lima · 2.7 · Low · 2023-05-30
CVE-2023-31064 · Apache InLong: Insecurity direct object references cancelling applications — Apache InLong · 6.5 · - · 2023-05-22
CVE-2023-31066 · Apache InLong: Insecure direct object references for inlong sources — Apache InLong · 8.1 · - · 2023-05-22
CVE-2023-2766 · Weaver OA jx2_config.ini file access — OA · 5.3 · Medium · 2023-05-17
CVE-2023-29107 · Siemens SIMATIC Cloud Connect security vulnerability — SIMATIC Cloud Connect 7 CC712 · 5.3 · Medium · 2023-05-09
CVE-2023-1246 · Files or Directories Accessible to External Parties in Saysis Starcities — Starcities · 7.5 · High · 2023-03-10
CVE-2022-45052 · Local File Inclusion in Axiell Iguana CMS — Iguana · 8.8 · High · 2023-01-04
CVE-2022-2981 · Download Monitor < 4.5.98 - Admin+ Arbitrary File Download — Download Monitor · 4.9 · - · 2022-10-10
CVE-2022-39208 · Git Repository Disclosure in Onedev — onedev · 7.5 · High · 2022-09-13
CVE-2022-1117 · glibc security feature issue vulnerability — fapolicyd · 8.4 · - · 2022-08-29
CVE-2021-3856 · Red Hat Keycloak path traversal vulnerability — keycloak · 4.3 · - · 2022-08-26
CVE-2021-4112 · Red Hat Ansible permission and access control issue vulnerability — ansible-tower · 8.8 · - · 2022-08-25
CVE-2021-3995 · util-linux permission and access control issue vulnerability — util-linux · 5.5 · - · 2022-08-23
CVE-2021-3996 · util-linux permission and access control issue vulnerability — util-linux · 5.5 · - · 2022-08-23
CVE-2022-2392 · Lana Downloads Manager < 1.8.0 - Contributor+ Arbitrary File Download — Lana Downloads Manager · 6.5 · - · 2022-08-22
CVE-2022-2357 · WSM Downloader <= 1.4.0 - Unauthenticated Arbitrary File Download — WSM Downloader · 7.5 · - · 2022-08-08
CVE-2022-1585 · Project Source Code Download <= 1.0.0 - Unauthenticated Backup Download — WordPress project source code download · 7.5 · - · 2022-08-01

Vulnerabilities classified as CWE-552 (Files or Directories Accessible to External Parties) represent 198 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.