Category: SFP Secondary Cluster: Exposure Temporary File
Incomplete
Summary
This category identifies Software Fault Patterns (SFPs) within the Exposure Temporary File cluster.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-377 | Insecure Temporary File | This vulnerability occurs when an application creates temporary files with insecure permissions or in predictable locations, allowing attackers to read, modify, or delete sensitive data. |
| CWE-378 | Creation of Temporary File With Insecure Permissions | This vulnerability occurs when a program creates a temporary file but sets its file permissions too loosely, allowing other users or processes on the system to read, modify, or delete the file. |
| CWE-379 | Creation of Temporary File in Directory with Insecure Permissions | This vulnerability occurs when an application creates a temporary file in a directory that is too permissive, allowing unauthorized users or processes to see, access, or manipulate the file. |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs). |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.