CWE-220
Storage of File With Sensitive Data Under FTP Root
AI Translation Available
The product stores sensitive data under the FTP server root with insufficient access control, which might make it accessible to untrusted parties.
Status
draft
Abstraction
variant
Affected Platforms
Technical Details
AI Translation
Common Consequences
confidentiality
Impacts
read application data
Potential Mitigations
Phases:
implementation
system configuration
Descriptions:
•
Avoid storing information under the FTP root directory.
•
Access control permissions should be set to prevent reading/writing of sensitive files inside/outside of the FTP directory.