
CWE-552 (Files or Directories Accessible to External Parties) — Vulnerability Class (198 CVEs)

198 vulnerabilities classified as CWE-552 (Files or Directories Accessible to External Parties). AI Chinese analysis included.

CWE-552 represents a critical access control weakness where software improperly exposes files or directories to unauthorized external actors. This vulnerability typically arises when applications store sensitive data within a publicly accessible root directory, such as those used by web or FTP servers, without implementing adequate permission restrictions. Attackers exploit this flaw by directly requesting the paths of these unprotected resources, thereby gaining unauthorized access to confidential information like configuration files, user data, or source code. To prevent such breaches, developers must enforce strict access controls, ensuring that only authenticated and authorized users can retrieve specific files. Additionally, separating sensitive data from public web roots and applying robust file permission settings are essential strategies to mitigate the risk of accidental or malicious exposure to external parties.

MITRE CWE Description
The product makes files or directories accessible to unauthorized actors, even though they should not be. Web servers, FTP servers, and similar servers may store a set of files underneath a "root" directory that is accessible to the server's users. Applications may store sensitive files underneath this root without also using access control to limit which users may request those files, if any. Alternately, an application might package multiple files or directories into an archive file (e.g., ZIP or tar), but the application might not exclude sensitive files that are underneath those directories. In cloud technologies and containers, this weakness might present itself in the form of misconfigured storage accounts that can be read or written by a public or anonymous user.
Common Consequences (1)
Scope: Confidentiality, Integrity
Impact: Read Files or Directories, Modify Files or Directories

Mitigations (1)
Phases: Implementation, System Configuration, Operation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
Examples (2)

Example 1. The following Azure command updates the settings for a storage account. Enabling anonymous blob access is the weak configuration:

Bad (Shell):
az storage account update --name <storage-account> --resource-group <resource-group> --allow-blob-public-access true

The corrected command disables it:

Good (Shell):
az storage account update --name <storage-account> --resource-group <resource-group> --allow-blob-public-access false

Example 2. The following Google Cloud Storage command gets the IAM policy for a bucket named 'BUCKET_NAME':

Informative (Shell):
gsutil iam get gs://BUCKET_NAME

A policy like the one below grants bucket read access to "allUsers", i.e. to anyone on the Internet, which is the weak configuration:

Bad (JSON):
{
  "bindings": [
    {
      "members": [ "projectEditor: PROJECT-ID", "projectOwner: PROJECT-ID" ],
      "role": "roles/storage.legacyBucketOwner"
    },
    {
      "members": [ "allUsers", "projectViewer: PROJECT-ID" ],
      "role": "roles/storage.legacyBucketReader"
    }
  ]
}
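As an added example (not part of the MITRE entry or this site's own tooling), the following Python check parses the JSON that `gsutil iam get` prints and reports every binding that grants a role to a public principal. It goes slightly beyond the page's example by also treating `allAuthenticatedUsers` (any Google account) as public; the sample policies and the `PROJECT-ID` value are constructed placeholders.

```python
import json

# Principals that expose a Google Cloud Storage bucket to everyone.
# "allUsers" is anyone on the Internet; "allAuthenticatedUsers" is anyone
# holding any Google account, which is effectively public as well.
PUBLIC_PRINCIPALS = {"allUsers", "allAuthenticatedUsers"}


def find_public_bindings(policy_json):
    """Return (role, principal) pairs from a bucket IAM policy (the JSON
    printed by `gsutil iam get gs://BUCKET`) that grant access to a
    public principal. An empty list means no public grant was found."""
    policy = json.loads(policy_json)
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            # Tolerate stray whitespace around member names.
            if member.strip() in PUBLIC_PRINCIPALS:
                findings.append((role, member.strip()))
    return findings


def is_publicly_accessible(policy_json):
    """True if any binding in the policy grants a role to a public principal."""
    return bool(find_public_bindings(policy_json))


# Constructed sample mirroring the "Bad" policy above; PROJECT-ID is a placeholder.
BAD_POLICY = """{
  "bindings": [
    {"members": ["projectEditor:PROJECT-ID", "projectOwner:PROJECT-ID"],
     "role": "roles/storage.legacyBucketOwner"},
    {"members": ["allUsers", "projectViewer:PROJECT-ID"],
     "role": "roles/storage.legacyBucketReader"}
  ]
}"""

# Constructed sample with the public grant removed.
GOOD_POLICY = """{
  "bindings": [
    {"members": ["projectEditor:PROJECT-ID", "projectOwner:PROJECT-ID"],
     "role": "roles/storage.legacyBucketOwner"},
    {"members": ["projectViewer:PROJECT-ID"],
     "role": "roles/storage.legacyBucketReader"}
  ]
}"""

if __name__ == "__main__":
    for name, policy in (("bad", BAD_POLICY), ("good", GOOD_POLICY)):
        print(name, find_public_bindings(policy))
```

Run it against `gsutil iam get gs://BUCKET_NAME` output (for example `gsutil iam get gs://BUCKET_NAME | python check.py` after reading `sys.stdin`) to flag buckets that need the public binding removed.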
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2020-11641 | SiteManager Local File Inclusion Vulnerability | SiteManager | 7.7 | High | 2020-10-15
CVE-2020-15224 | Socket syscalls can leak enclave memory contents in Open Enclave | openenclave | 6.8 | Medium | 2020-10-14
CVE-2020-15175 | Unauthenticated File Deletion in GLPI | glpi | 7.4 | High | 2020-10-07
CVE-2020-25636 | Red Hat Ansible security vulnerability | Community Collections | 6.6 | Medium | 2020-10-05
CVE-2020-3476 | Cisco IOS XE Software Arbitrary File Overwrite Vulnerability | Cisco IOS XE Software | 6.0 | - | 2020-09-24
CVE-2020-4075 | Arbitrary file read via window-open IPC in Electron | electron | 6.8 | Medium | 2020-07-07
CVE-2020-1726 | Podman authorization vulnerability | podman | 5.9 | Medium | 2020-02-11
CVE-2019-13941 | Siemens OZW672 and OZW772 authorization vulnerability | OZW672 | 5.3 | - | 2020-02-11
CVE-2019-3622 | DLP Endpoint log file redirection to arbitrary locations | Data Loss Prevention (DLPe) for Windows | 8.8 | - | 2019-07-24
CVE-2019-10930 | Siemens DIGSI 5 engineering software and SIPROTEC 5 - DIGSI Device Driver code issue vulnerability | All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules | 9.1 | - | 2019-07-11
CVE-2019-3569 | Facebook HHVM information disclosure vulnerability | HHVM | 7.5 | - | 2019-06-26
CVE-2019-3811 | SSSD security vulnerability | sssd | 5.2 | - | 2019-01-15
CVE-2017-2621 | OpenStack log information disclosure vulnerability | openstack-heat | 5.5 | - | 2018-07-27
CVE-2017-2622 | OpenStack Mistral information disclosure vulnerability | openstack-mistral | 5.5 | - | 2018-07-27
CVE-2018-10869 | Red Hat Certification security vulnerability | redhat-certification | 7.5 | - | 2018-07-19
CVE-2018-1079 | pcs permissions and access control vulnerability | pcs | 8.1 | - | 2018-04-12
CVE-2017-15104 | Heketi information disclosure vulnerability | Heketi | 7.1 | - | 2017-12-18
CVE-2017-12079 | Synology Photo Station security vulnerability | Photo Station | 7.5 | - | 2017-12-04

Vulnerabilities classified as CWE-552 (Files or Directories Accessible to External Parties) represent 198 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.