Common Weakness Enumeration

CWE-276

Allowed

Incorrect Default Permissions

Abstraction: Base · Status: Draft

During installation, installed file permissions are set to allow anyone to modify those files.

2034 vulnerabilities reference this CWE, most recent first.

GHSA-WMVM-9VQV-5QPP

Vulnerability from github – Published: 2024-06-16 15:30 – Updated: 2024-07-05 21:18
VLAI
Summary
langchain_experimental Code Execution via Python REPL access
Details

langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "langchain-experimental"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.61"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-38459"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-17T21:21:47Z",
    "nvd_published_at": "2024-06-16T15:15:51Z",
    "severity": "HIGH"
  },
  "details": "langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444.",
  "id": "GHSA-wmvm-9vqv-5qpp",
  "modified": "2024-07-05T21:18:35Z",
  "published": "2024-06-16T15:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38459"
    },
    {
      "type": "WEB",
      "url": "https://github.com/langchain-ai/langchain/pull/22860"
    },
    {
      "type": "WEB",
      "url": "https://github.com/langchain-ai/langchain/commit/ce0b0f22a175139df8f41cdcfb4d2af411112009"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/langchain-ai/langchain"
    },
    {
      "type": "WEB",
      "url": "https://github.com/langchain-ai/langchain/compare/langchain-experimental==0.0.60...langchain-experimental==0.0.61"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/langchain-experimental/PYSEC-2024-53.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "langchain_experimental Code Execution via Python REPL access"
}

GHSA-WP5Q-C3XQ-GH4V

Vulnerability from github – Published: 2024-01-19 21:30 – Updated: 2024-01-19 21:30
VLAI
Details

Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for Intel NUC P14E Laptop Element software installers before version 5.4.1.4479 may allow an authenticated user to potentially enable escalation of privilege via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-29244"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-19T20:15:09Z",
    "severity": "MODERATE"
  },
  "details": "Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for Intel NUC P14E Laptop Element software installers before version 5.4.1.4479 may allow an authenticated user to potentially enable escalation of privilege via local access.",
  "id": "GHSA-wp5q-c3xq-gh4v",
  "modified": "2024-01-19T21:30:35Z",
  "published": "2024-01-19T21:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29244"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00964.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WP73-JJRG-GP39

Vulnerability from github – Published: 2023-04-04 15:30 – Updated: 2023-04-11 15:30
VLAI
Details

CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the daemon user on a sipXcom server can overwrite a service file, and escalate their privileges to root.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-25355"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-04T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`.",
  "id": "GHSA-wp73-jjrg-gp39",
  "modified": "2023-04-11T15:30:30Z",
  "published": "2023-04-04T15:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25355"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/fulldisclosure/2023/Mar/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WP9W-2VP9-WG66

Vulnerability from github – Published: 2022-05-24 17:19 – Updated: 2024-04-09 00:30
VLAI
Details

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-12695"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-06-08T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.",
  "id": "GHSA-wp9w-2vp9-wg66",
  "modified": "2024-04-09T00:30:40Z",
  "published": "2022-05-24T17:19:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12695"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/339275"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2021/dsa-4898"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4806"
    },
    {
      "type": "WEB",
      "url": "https://www.callstranger.com"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4494-1"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yunuscadirci/CallStranger"
    },
    {
      "type": "WEB",
      "url": "https://github.com/corelight/callstranger-detector"
    },
    {
      "type": "WEB",
      "url": "https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2020/06/08/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WPC3-225M-FG2M

Vulnerability from github – Published: 2024-03-18 12:30 – Updated: 2024-10-10 18:31
VLAI
Details

BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) from a directory that grants Write and Read permissions to all users. Leveraging it leads to loading of a potentially malicious libraries, which will execute with the application's privileges.

Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.201.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-1605"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276",
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-18T10:15:20Z",
    "severity": "MODERATE"
  },
  "details": "BMC Control-M  branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL)  from a directory that grants Write and Read permissions to all users. Leveraging it leads to loading of a potentially malicious libraries, which will execute with the application\u0027s privileges. \n\nFix for 9.0.20 branch was released in version 9.0.20.238.\u00a0Fix for 9.0.21 branch was released in version 9.0.21.201. \n\n",
  "id": "GHSA-wpc3-225m-fg2m",
  "modified": "2024-10-10T18:31:07Z",
  "published": "2024-03-18T12:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1605"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2024/03/CVE-2024-1604"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/posts/2024/03/CVE-2024-1604"
    },
    {
      "type": "WEB",
      "url": "https://www.bmc.com/it-solutions/control-m.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WPVG-XWCW-G8RX

Vulnerability from github – Published: 2022-05-24 00:01 – Updated: 2026-07-05 03:30
VLAI
Details

D-Link DSL-G2452DG HW:T1\tFW:ME_2.00 was discovered to contain insecure permissions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-28932"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-23T16:16:00Z",
    "severity": "CRITICAL"
  },
  "details": "D-Link DSL-G2452DG HW:T1\\\\tFW:ME_2.00 was discovered to contain insecure permissions.",
  "id": "GHSA-wpvg-xwcw-g8rx",
  "modified": "2026-07-05T03:30:48Z",
  "published": "2022-05-24T00:01:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28932"
    },
    {
      "type": "WEB",
      "url": "https://github.com/1759134370/iot/blob/main/dsl"
    },
    {
      "type": "WEB",
      "url": "https://www.dlink.com/en/security-bulletin"
    },
    {
      "type": "WEB",
      "url": "http://d-link.com"
    },
    {
      "type": "WEB",
      "url": "http://dsl-g2452dg.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WPXR-MH93-P33R

Vulnerability from github – Published: 2024-01-16 03:30 – Updated: 2024-01-16 03:30
VLAI
Details

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-04.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-6457"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-16T01:15:34Z",
    "severity": "MODERATE"
  },
  "details": "Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-04.\n\n",
  "id": "GHSA-wpxr-mh93-p33r",
  "modified": "2024-01-16T03:30:19Z",
  "published": "2024-01-16T03:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6457"
    },
    {
      "type": "WEB",
      "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-104/index.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WQJW-8V8X-HW6Q

Vulnerability from github – Published: 2022-03-17 00:00 – Updated: 2022-03-24 00:00
VLAI
Details

In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208650395References: N/A

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39734"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-16T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208650395References: N/A",
  "id": "GHSA-wqjw-8v8x-hw6q",
  "modified": "2022-03-24T00:00:33Z",
  "published": "2022-03-17T00:00:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39734"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2022-03-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-WQWQ-7W88-R45V

Vulnerability from github – Published: 2025-02-13 00:33 – Updated: 2025-02-13 00:33
VLAI
Details

Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software installers may allow an authenticated user to potentially enable escalation of privilege via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-42419"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-12T22:15:38Z",
    "severity": "MODERATE"
  },
  "details": "Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software installers may allow an authenticated user to potentially enable escalation of privilege via local access.",
  "id": "GHSA-wqwq-7w88-r45v",
  "modified": "2025-02-13T00:33:07Z",
  "published": "2025-02-13T00:33:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42419"
    },
    {
      "type": "WEB",
      "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01233.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-WR2Q-2FRG-76Q3

Vulnerability from github – Published: 2022-05-24 16:57 – Updated: 2022-10-07 18:16
VLAI
Details

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-17052"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-276"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-01T14:15:00Z",
    "severity": "LOW"
  },
  "details": "ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.",
  "id": "GHSA-wr2q-2frg-76q3",
  "modified": "2022-10-07T18:16:21Z",
  "published": "2022-05-24T16:57:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17052"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=2c675dab816278a1724c1e93b384c2f05a11cb31"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0614e2b73768b502fc32a75349823356d98aae2c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Nov/11"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4184-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4185-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4185-2"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4186-1"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4186-2"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

The architecture needs to access and modification attributes for files to only those users who actually require those actions.

Mitigation MIT-46
Architecture and Design

Strategy: Separation of Privilege

  • Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
  • Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs

In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they otherwise not supposed to.

CAPEC-127: Directory Indexing

An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.

CAPEC-81: Web Server Logs Tampering

Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.