Exposure of Backup File to an Unauthorized Control Sphere

A backup file is stored in a directory or archive that is made accessible to unauthorized actors.

  • Source

    CWE Catalog - 4.12

  • Identifier

    CWE-530

  • Status

    Incomplete

Contents

Description

Often, older backup files are renamed with an extension such as .~bk to distinguish them from production files. The source code for old files that have been renamed in this manner and left in the webroot can often be retrieved. This renaming may have been performed automatically by the web server, or manually by the administrator.

See Also

Comprehensive Categorization: Exposed Resource

Weaknesses in this category are related to exposed resource.

Authorize Actors

Weaknesses in this category are related to the design and architecture of a system's authorization components. Frequently these deal with enforcing that agents have th...

SFP Secondary Cluster: Exposed Data

This category identifies Software Fault Patterns (SFPs) within the Exposed Data cluster (SFP23).

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.