CWE-530

Exposure of Backup File to an Unauthorized Control Sphere

A backup file is stored in a directory or archive that is made accessible to unauthorized actors.

Mitigation

Phase: Policy

Description:

  • Recommendations include implementing a security policy within your organization that prohibits backing up web application source code in the webroot.

No CAPEC attack patterns related to this CWE.
