CWE
Home > CWE List > CWE-538 Individual Dictionary Definition (Draft 9)   View the CWE List

CWE-538 Individual Dictionary Definition (Draft 9)

File and Directory Information Leaks
Weakness ID
Status: Draft

538 (Weakness Class)

Description

Summary

Weaknesses in this category are related to information leaks in files and directories.

Relationships
NatureTypeIDName
ChildOfWeakness ClassWeakness ClassWeakness Class200Information Leak (Information Disclosure)
ParentOfWeakness VariantWeakness VariantWeakness Variant527Information Leak Through CVS Repository
ParentOfWeakness VariantWeakness VariantWeakness Variant528Information Leak Through Core Dump Files
ParentOfWeakness VariantWeakness VariantWeakness Variant529Information Leak Through Access Control List Files
ParentOfWeakness VariantWeakness VariantWeakness Variant530Information Leak Through Backup (.~bk) Files
ParentOfWeakness VariantWeakness VariantWeakness Variant532Information Leak Through Log Files
ParentOfWeakness VariantWeakness VariantWeakness Variant539Information Leak Through Persistent Cookies
ParentOfWeakness VariantWeakness VariantWeakness Variant540Information Leak Through Source Code
ParentOfWeakness VariantWeakness VariantWeakness Variant548Information Leak Through Directory Listing
ParentOfWeakness VariantWeakness VariantWeakness Variant611Information Leak Through XML External Entity File Disclosure
ParentOfWeakness VariantWeakness VariantWeakness Variant651Information Leak through WSDL File
Applicable Platforms

All

Related Attack Patterns
CAPEC-IDAttack Pattern Name
95WSDL Scanning
Back to top
Page Last Updated: April 22, 2008
 

CWE is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.

This Web site is hosted by The MITRE Corporation.
Copyright 2008, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation.

Contact cwe@mitre.org for more information.
Privacy policy
Terms of use
Contact us