Storage of File with Sensitive Data Under Web Root

Status: Draft
Abstraction: Variant
Structure: Simple
Description

This vulnerability occurs when an application saves sensitive files, such as configuration data or private keys, inside the web server's publicly accessible directory. Without proper access restrictions, attackers can directly request and download these files.

Extended Description

Web servers are designed to serve files from a specific root directory, like `/var/www/html` or `C:\inetpub\wwwroot`. Developers often mistakenly place backup files, configuration files containing passwords, or temporary data dumps in these folders. Since these files aren't meant to be web pages, they are frequently overlooked when setting up access controls. If the server isn't explicitly configured to block access to these sensitive file types, an attacker can simply guess or discover their URLs and retrieve them directly. This bypasses the application's normal security checks, leading to immediate data exposure. The core issue is the failure to separate private data storage from the public content meant to be served by the web application.

Common Consequences

Scope: Confidentiality
Impact: Read Application Data

Potential Mitigations

Phase: Implementation, System Configuration
Avoid storing information under the web root directory.

Phase: System Configuration
Access control permissions should be set to prevent reading/writing of sensitive files inside/outside of the web directory.
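A defender-side check in the spirit of the mitigations above, added here as an example (it is not part of the CWE entry): walk a document root and report files whose names suggest backups, database dumps, keys or environment files that should not live under the web root. The pattern list and the sample directory tree are constructed for the demonstration and should be tuned to the application being audited.

```python
import os
import re
import tempfile
from pathlib import Path

# File-name patterns that commonly carry sensitive data (constructed list).
# Deliberately narrow: plain .json/.xml/.css are often legitimate web assets.
SENSITIVE_PATTERNS = [
    r".*\.(bak|old|orig|swp|tmp)$",   # editor and backup copies of source/config
    r".*~$",                          # emacs/vi backup files
    r".*\.(sql|sqlite|sqlite3|db|mdb)$",  # database files and dumps
    r".*\.(pem|key|p12|pfx)$",        # private keys and keystores
    r"^\.env(\..*)?$",                # dotenv files with credentials
    r"^\.htpasswd$",                  # Apache password file
]
_COMPILED = [re.compile(p, re.IGNORECASE) for p in SENSITIVE_PATTERNS]


def is_sensitive_name(name: str) -> bool:
    """Return True if a bare file name matches any sensitive pattern."""
    return any(p.match(name) for p in _COMPILED)


def scan_web_root(root: str) -> list[str]:
    """Walk `root` and return sorted paths (relative, POSIX style) of suspicious files."""
    root_path = Path(root)
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root_path):
        for fn in filenames:
            if is_sensitive_name(fn):
                rel = Path(dirpath, fn).relative_to(root_path)
                findings.append(rel.as_posix())
    return sorted(findings)


def demo() -> list[str]:
    """Build a constructed sample web root in a temp dir and scan it."""
    tmp = tempfile.mkdtemp()
    sample_files = {            # constructed content, not real secrets
        "index.html": "<html></html>",
        "css/site.css": "body{}",
        "config.php.bak": "<?php $db_pass = 'placeholder';",
        "backup/site.sql": "CREATE TABLE users (id INT);",
        ".env": "DB_PASSWORD=placeholder",
        "keys/server.key": "-----BEGIN PRIVATE KEY-----",
    }
    for rel, content in sample_files.items():
        p = Path(tmp, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(content)
    return scan_web_root(tmp)


if __name__ == "__main__":
    for path in demo():
        print("sensitive file under web root:", path)
```

Running the scan as part of a deployment pipeline, against the directory the web server actually serves, catches the mistake before the files become reachable by URL.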
Observed Examples

  • CVE-2005-1835: Data file under web root.
  • CVE-2005-2217: Data file under web root.
  • CVE-2002-1449: Username/password in data file under web root.
  • CVE-2002-0943: Database file under web root.
  • CVE-2005-1645: Database file under web root.
Applicable Platforms

Languages: Not Language-Specific (prevalence: Undetermined)
Modes of Introduction

  • Operation
  • Implementation
Taxonomy Mapping

  • PLOVER
  • OWASP Top Ten 2004