CWE-921
Storage of Sensitive Data in a Mechanism without Access Control
The product stores sensitive information in a file system or device that does not have built-in access control.
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.