
File disclosure

Description

A critical file was disclosed by the web server.

Remediation

Remove the file from the web server.

REST Specific

Asp_net

Implement proper access controls and ensure sensitive files are not stored within web-accessible directories. Use the web.config file to restrict unauthorized access to critical files and employ ASP.NET features like the `<authorization>` element to specify access rules for different users and roles.

Ruby_on_rails

Ensure proper access controls are in place for sensitive files and configure the web server to restrict access to critical file paths. Use the 'send_file' method in Ruby on Rails controllers to securely serve files, and validate user permissions before allowing file access.

Next_js

Ensure that server-side configurations or Next.js API routes do not inadvertently serve sensitive files. Use a well-configured .next/static folder for static assets and restrict access to any critical files through proper server rules or middleware. Regularly audit your file-serving routes to prevent unintended file disclosures.

Laravel

Ensure proper access controls are in place for sensitive files and directories. Use Laravel's built-in authorization features to restrict access, and configure your web server to deny direct access to critical files. Additionally, regularly audit your storage directories and .env file to prevent unintended exposure.

Express_js

To prevent critical file disclosure in an Express.js application, ensure that user input is not directly used to serve files from the server. Implement strict access controls and use a whitelist approach to serve only intended public files. Additionally, employ middleware like 'helmet' to secure Express apps by setting various HTTP headers and 'express-rate-limit' to prevent brute-force attempts at discovering files. Regularly audit your application for unintended static directories or routes that may expose sensitive files.

Django

Ensure that Django's built-in security features are properly configured to prevent unauthorized file disclosures. Use the 'X-Sendfile' header for serving protected files, set 'DEBUG' to False in production, and restrict file access by implementing proper user authentication and permissions checks.

Symfony

In the Symfony framework, ensure that your server configuration or .htaccess file properly denies access to sensitive files. Use the 'access_control' feature in the security.yaml configuration file to restrict access based on patterns. Additionally, regularly audit your code to ensure that no critical files are being exposed through routes or public directories.

Spring_boot

Ensure that the Spring Boot application is configured to restrict access to sensitive files. Implement proper access controls and use the Spring Security framework to define security constraints. Regularly audit your application's security configuration and update the security rules as necessary to prevent unauthorized file disclosure.

Flask

To prevent critical file disclosure in a Flask application, ensure that the web server is properly configured to deny access to sensitive files and directories. Use Flask's send_from_directory function with caution, explicitly defining accessible paths, and avoid serving dynamic content from user input. Implement proper access control checks within your application logic to restrict unauthorized users from accessing protected resources. Additionally, regularly review and update your .htaccess or web server configuration files to prevent directory listing and secure file permissions.

Nuxt

Ensure that the Nuxt.js server configuration properly restricts access to sensitive files and directories. Implement access control checks and serve static files explicitly through Nuxt.js configuration to prevent unintended file disclosure. Regularly audit file permissions and use middleware to filter out requests for critical files.

Fastapi

To prevent critical file disclosure in FastAPI, ensure that sensitive files are not stored in publicly accessible directories. Implement proper access controls and use secure configuration settings for the server. Additionally, validate and sanitize user input to prevent path traversal attacks. Regularly review and update security policies and practices.
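The framework sections above all come down to the same two controls: serve only an allow-list of intended public files, and never let a request reach a critical file through traversal, a hidden dotfile, or a symlink. The following is an added, standalone example (not Escape's code and not any framework's own API) of that check written with only the Python standard library, so the same helper could sit in front of Flask's send_from_directory, a FastAPI FileResponse, or an equivalent Express route. The file layout, the denied basenames and the allowed suffixes are constructed for the demo and are assumptions, not values from the page.

```python
"""Confine file serving to an allow-listed public directory (added example)."""
from pathlib import Path
import tempfile

# Constructed deny-list of basenames that must never be served from anywhere
# (assumption: the kinds of critical files the remediation sections name).
DENIED_NAMES = {".env", ".htaccess", "web.config", ".git", "security.yaml"}

# Constructed allow-list of suffixes that count as public static assets.
ALLOWED_SUFFIXES = {".css", ".js", ".png", ".jpg", ".svg", ".ico", ".txt"}


class FileAccessDenied(Exception):
    """Raised when the request must get a 403/404 instead of file content."""


def resolve_public_file(public_root: Path, requested: str) -> Path:
    """Map an untrusted request path onto a regular file inside public_root.

    Rejects traversal segments, hidden files and denied basenames anywhere in
    the path, suffixes outside the allow-list, and symlinks whose target
    resolves outside the public root.
    """
    root = public_root.resolve()
    rel = Path(requested.lstrip("/"))  # treat the request as root-relative
    if rel.is_absolute() or any(part == ".." for part in rel.parts):
        raise FileAccessDenied("traversal or absolute path")
    if any(part in DENIED_NAMES or part.startswith(".") for part in rel.parts):
        raise FileAccessDenied("critical or hidden file")
    if rel.suffix.lower() not in ALLOWED_SUFFIXES:
        raise FileAccessDenied("suffix not on the public allow-list")
    candidate = (root / rel).resolve()  # resolve() follows symlinks
    try:
        candidate.relative_to(root)
    except ValueError:
        raise FileAccessDenied("resolved path escapes the public root")
    if not candidate.is_file():
        raise FileAccessDenied("not a regular file")
    return candidate


def build_demo_root() -> Path:
    """Create a constructed sample layout in a temp dir; return its public/ dir."""
    base = Path(tempfile.mkdtemp(prefix="file_disclosure_demo_"))
    public = base / "public"
    (public / "img").mkdir(parents=True)
    (public / "app.css").write_text("body{}")
    (public / "img" / "logo.svg").write_text("<svg/>")
    (public / ".env").write_text("DB_PASSWORD=constructed")  # critical file inside the web root
    (base / "web.config").write_text("<configuration/>")  # critical file outside the web root
    try:
        # A symlink with a harmless-looking name pointing outside the root.
        (public / "link.css").symlink_to(base / "web.config")
    except OSError:
        pass  # symlink creation may be unavailable on some platforms
    return public


def classify(public_root: Path, requested: str) -> str:
    """Return 'served' or the denial reason, for tabulating outcomes."""
    try:
        resolve_public_file(public_root, requested)
        return "served"
    except FileAccessDenied as exc:
        return f"denied: {exc}"


if __name__ == "__main__":
    root = build_demo_root()
    for req in ["app.css", "img/logo.svg", ".env", "../web.config",
                "/etc/passwd", "img/../../web.config", "link.css"]:
        print(f"{req!r:24} -> {classify(root, req)}")
```

The order of the checks matters: traversal is rejected before the basename rules so that `..` never reaches the filesystem, and the symlink check runs on the resolved path rather than on the string the client sent. Serving a file only after this helper returns a path keeps the "remove the file from the web server" remediation from being the sole line of defence.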

Configuration

Identifier: information_disclosure/file_disclosure

Examples

Ignore this check

```yaml
checks:
  information_disclosure/file_disclosure:
    skip: true
```

Score

  • Escape Severity: LOW

Compliance

  • OWASP: API7:2023

  • pci: 6.5.3

  • gdpr: Article-32

  • soc2: CC6

  • psd2: Article-95

  • iso27001: A.14.1

  • nist: SP800-53

  • fedramp: AC-3

Classification

  • CWE: 200

Score

  • CVSS_VECTOR: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVSS_SCORE: 7.5