CWE-552
AllowedFiles or Directories Accessible to External Parties
Abstraction: Base · Status: Draft
The product makes files or directories accessible to unauthorized actors, even though they should not be.
670 vulnerabilities reference this CWE, most recent first.
GHSA-8MP4-2M2J-25XX
Vulnerability from github – Published: 2021-11-20 00:00 – Updated: 2026-04-02 15:31Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not explicitly authorized to have access.
{
"affected": [],
"aliases": [
"CVE-2021-42744"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-552",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-19T19:15:00Z",
"severity": "MODERATE"
},
"details": "Philips MRI 1.5T and MRI 3T Version 5.x.x exposes sensitive information to an actor not explicitly authorized to have access.",
"id": "GHSA-8mp4-2m2j-25xx",
"modified": "2026-04-02T15:31:34Z",
"published": "2021-11-20T00:00:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42744"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-21-313-01"
},
{
"type": "WEB",
"url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-8PH8-QHJ8-87RW
Vulnerability from github – Published: 2022-08-11 00:00 – Updated: 2022-08-13 00:00IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. IBM X-Force ID: 226342.
{
"affected": [],
"aliases": [
"CVE-2022-22490"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-10T17:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. IBM X-Force ID: 226342.",
"id": "GHSA-8ph8-qhj8-87rw",
"modified": "2022-08-13T00:00:25Z",
"published": "2022-08-11T00:00:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22490"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226342"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6610397"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8Q8W-8225-6GQ4
Vulnerability from github – Published: 2025-06-06 15:30 – Updated: 2025-06-06 15:30A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again.
{
"affected": [],
"aliases": [
"CVE-2025-0620"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-06T14:15:21Z",
"severity": "MODERATE"
},
"details": "A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again.",
"id": "GHSA-8q8w-8225-6gq4",
"modified": "2025-06-06T15:30:53Z",
"published": "2025-06-06T15:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0620"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-0620"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370453"
},
{
"type": "WEB",
"url": "https://www.samba.org/samba/security/CVE-2025-0620.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/06/03/8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8QR4-JVQH-CHVP
Vulnerability from github – Published: 2024-07-30 09:32 – Updated: 2024-07-30 09:32Matrix Tafnit v8
- CWE-552: Files or Directories Accessible to External Parties
{
"affected": [],
"aliases": [
"CVE-2024-38429"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-30T09:15:02Z",
"severity": "HIGH"
},
"details": "Matrix\u00a0Tafnit v8\n\n - \u00a0CWE-552: Files or Directories Accessible to External Parties",
"id": "GHSA-8qr4-jvqh-chvp",
"modified": "2024-07-30T09:32:05Z",
"published": "2024-07-30T09:32:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38429"
},
{
"type": "WEB",
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8RHG-98VW-7QQH
Vulnerability from github – Published: 2023-09-04 00:30 – Updated: 2023-09-04 00:30A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic. Affected is an unknown function of the file /upload/ueditorConfig?action=config. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238632. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2023-4743"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-03T23:15:40Z",
"severity": "LOW"
},
"details": "A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic. Affected is an unknown function of the file /upload/ueditorConfig?action=config. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238632. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-8rhg-98vw-7qqh",
"modified": "2023-09-04T00:30:14Z",
"published": "2023-09-04T00:30:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4743"
},
{
"type": "WEB",
"url": "https://github.com/FFR66/Dreamer-CMS_Unauthorized-access-vulnerability"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.238632"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.238632"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-8WVR-GQ96-HF34
Vulnerability from github – Published: 2026-07-08 15:32 – Updated: 2026-07-08 15:32repomix contains a local file inclusion vulnerability in the git clone endpoint that allows unauthenticated attackers to read arbitrary local git repositories. The isValidRemoteValue function in src/core/git/gitRemoteParse.ts fails to block file:// URLs, permitting attackers to supply file:// scheme URLs that bypass validation and are passed directly to git clone, enabling unauthorized access to all tracked file contents on the server filesystem.
{
"affected": [],
"aliases": [
"CVE-2026-59703"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-08T15:16:32Z",
"severity": "HIGH"
},
"details": "repomix contains a local file inclusion vulnerability in the git clone endpoint that allows unauthenticated attackers to read arbitrary local git repositories. The isValidRemoteValue function in src/core/git/gitRemoteParse.ts fails to block file:// URLs, permitting attackers to supply file:// scheme URLs that bypass validation and are passed directly to git clone, enabling unauthorized access to all tracked file contents on the server filesystem.",
"id": "GHSA-8wvr-gq96-hf34",
"modified": "2026-07-08T15:32:03Z",
"published": "2026-07-08T15:32:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-59703"
},
{
"type": "WEB",
"url": "https://github.com/yamadashy/repomix/issues/1704"
},
{
"type": "WEB",
"url": "https://github.com/CrazyForks/repomix/commit/c748b524f41225e7fc6f89ad0084520901a453cf"
},
{
"type": "WEB",
"url": "https://github.com/yamadashy/repomix"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/repomix-local-file-inclusion-via-file-url-scheme-in-git-clone-endpoint"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-8WX6-64X9-22WM
Vulnerability from github – Published: 2025-06-26 21:31 – Updated: 2025-08-19 09:30Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
{
"affected": [],
"aliases": [
"CVE-2025-49797"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-25T10:15:22Z",
"severity": "HIGH"
},
"details": "Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].",
"id": "GHSA-8wx6-64x9-22wm",
"modified": "2025-08-19T09:30:30Z",
"published": "2025-06-26T21:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49797"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU91819309"
},
{
"type": "WEB",
"url": "https://support.brother.com/g/s/security"
},
{
"type": "WEB",
"url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000009"
},
{
"type": "WEB",
"url": "https://www.toshibatec.com/information/20250625_01.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-8XQQ-WRHG-93Q9
Vulnerability from github – Published: 2024-11-12 21:30 – Updated: 2025-07-25 21:33Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources
{
"affected": [],
"aliases": [
"CVE-2024-8535"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-12T19:15:19Z",
"severity": "MODERATE"
},
"details": "Authenticated user can access unintended user capabilities\u00a0in\u00a0NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources\u00a0OR\u00a0the appliance must be configured as an\u00a0Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources",
"id": "GHSA-8xqq-wrhg-93q9",
"modified": "2025-07-25T21:33:45Z",
"published": "2024-11-12T21:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8535"
},
{
"type": "WEB",
"url": "https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-93F2-XP2G-GQXP
Vulnerability from github – Published: 2022-05-03 00:01 – Updated: 2022-05-03 00:01An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.
{
"affected": [],
"aliases": [
"CVE-2017-2621"
],
"database_specific": {
"cwe_ids": [
"CWE-532",
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-27T18:29:00Z",
"severity": "MODERATE"
},
"details": "An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.",
"id": "GHSA-93f2-xp2g-gqxp",
"modified": "2022-05-03T00:01:26Z",
"published": "2022-05-03T00:01:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2621"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1243"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1464"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2017-2621"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420990"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2621"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/96280"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-93V4-X3JR-8CFQ
Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-05-24 17:45A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system. This vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system.
{
"affected": [],
"aliases": [
"CVE-2021-1434"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-24T20:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system. This vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system.",
"id": "GHSA-93v4-x3jr-8cfq",
"modified": "2022-05-24T17:45:14Z",
"published": "2022-05-24T17:45:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1434"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-arbfile-FUxskKDE"
}
],
"schema_version": "1.4.0",
"severity": []
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.