CWE-379

Overview

CWE ID
379

CWE Name
Creation of Temporary File in Directory with Insecure Permissions

CWE Abstraction
Base

CWE structure
Simple

CWE Status
Incomplete

Description

The software creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.

Extended Description

On some operating systems, the fact that the temporary file exists may be apparent to any user with sufficient privileges to access that directory. Since the file is visible, the application that is using the temporary file could be known. If one has acce

Related CWEs

CWE ID	View ID	Nature	Ordinal
377	1000	ChildOf	Primary

Related CVEs

CVE
CVE-2021-28613
CVE-2021-43017
CVE-2021-21068
CVE-2021-40708
CVE-2021-39828
CVE-2021-21100
CVE-2022-23950
CVE-2023-21612
CVE-2023-21611
CVE-2023-26396
CVE-2021-28633
CVE-2023-3181
CVE-2023-3972
CVE-2023-37243
CVE-2023-32450
CVE-2023-49797
CVE-2023-38533
CVE-2023-49797
CVE-2023-38533
CVE-2023-6080