Screen Temporary Files for Sensitive Information
Attack Pattern ID: 155 (Standard Attack Pattern Completeness: Stub)Typical Severity: MediumStatus: Draft
+ Description

Summary

An attacker exploits the temporary, insecure storage of information by monitoring the content of files used to store temp data during an application's routine execution flow. Many applications use temporary files to accelerate processing or to provide records of state across multiple executions of the application. Sometimes, however, these temporary files may end up storing sensitive information. By screening an application's temporary files, an attacker might be able to discover such sensitive information. For example, web browsers often cache content to accelerate subsequent lookups. If the content contains sensitive information then the attacker could recover this from the web cache.

+ Attack Prerequisites

The target application must utilize temporary files and must fail to adequately secure them against other parties reading them.

+ Resources Required

Because some application may have a large number of temporary files and/or these temporary files may be very large, an attacker may need tools that help them quickly search these files for sensitive information. If the attacker can simply copy the files to another location and if the speed of the search is not important, the attacker can still perform the attack without any special resources.

+ Related Weaknesses
CWE-IDWeakness NameWeakness Relationship Type
311Missing SecurityDatabase\Encrypt\Encryption of Sensitive DataTargeted
+ Related Attack Patterns
NatureTypeIDNameDescriptionView(s) this relationship pertains toView\(s\)
ChildOfCategoryCategory223Probabilistic Techniques 
Mechanism of Attack (primary)1000
Back to top