|
|
|
|
CWE-548: Exposure of Information Through Directory Listing
|
Weakness ID: 548
Vulnerability Mapping:
ALLOWED
This CWE ID may be used to map to real-world vulnerabilities
Abstraction:
Variant
Variant - a weakness that is linked to a certain type of product, typically involving a specific language or technology. More specific than a Base weakness. Variant level weaknesses typically describe issues in terms of 3 to 5 of the following dimensions: behavior, property, technology, language, and resource.
|
Description
A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers.
Extended Description
A directory listing provides an attacker with the complete index of all the resources located inside of the directory. The specific risks and consequences vary depending on which files are listed and accessible.
Common Consequences
 This table specifies different individual consequences
associated with the weakness. The Scope identifies the application security area that is
violated, while the Impact describes the negative technical impact that arises if an
adversary succeeds in exploiting this weakness. The Likelihood provides information about
how likely the specific consequence is expected to be seen relative to the other
consequences in the list. For example, there may be high likelihood that a weakness will be
exploited to achieve a certain impact, but a low likelihood that it will be exploited to
achieve a different impact.
| Scope |
Impact |
Likelihood |
| Confidentiality |
Technical Impact: Read Files or Directories
Exposing the contents of a directory can lead to an attacker gaining access to source code or providing useful information for the attacker to devise exploits, such as creation times of files or any information that may be encoded in file names. The directory listing may also compromise private or confidential data.
|
|
Potential Mitigations
|
Phases: Architecture and Design; System Configuration
Recommendations include restricting access to important directories or files by adopting a need to know requirement for both the document and server root, and turning off features such as Automatic Directory Listings that could expose private files and provide information that could be utilized by an attacker when formulating or conducting an attack.
|
Relationships
Modes
Of Introduction
The different Modes of Introduction provide information
about how and when this
weakness may be introduced. The Phase identifies a point in the life cycle at which
introduction
may occur, while the Note provides a typical scenario related to introduction during the
given
phase.
| Phase |
Note |
| Implementation |
|
| Operation |
|
Detection
Methods
|
Automated Static Analysis
Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
|
Memberships
This MemberOf Relationships table shows additional CWE Categories and Views that
reference this weakness as a member. This information is often useful in understanding where a
weakness fits within the context of external information sources.
Vulnerability Mapping Notes
|
Usage:
ALLOWED
(this CWE ID may be used to map to real-world vulnerabilities)
|
|
Reason:
Acceptable-Use
|
|
Rationale:
This CWE entry is at the Variant level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
|
|
Comments: Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
|
Taxonomy
Mappings
| Mapped Taxonomy Name |
Node ID |
Fit |
Mapped Node Name |
| OWASP Top Ten 2004 |
A10 |
CWE More Specific |
Insecure Configuration Management |
| WASC |
16 |
|
Directory Indexing |
More information is available — Please edit the custom filter or select a different filter.
|