Corgea LogoCorgea Security Hub

CWE-220: Storage of File With Sensitive Data Under FTP Root

Learn about CWE-220 (Storage of File With Sensitive Data Under FTP Root), its security impact, exploitation methods, and prevention guidelines.

What is Storage of File With Sensitive Data Under FTP Root?

• Overview: Storage of files containing sensitive data under the FTP root directory can inadvertently expose them to unauthorized access, as FTP servers often have broad access permissions and lack sufficient access controls.

• Exploitation Methods:

  • Attackers can exploit this vulnerability by scanning FTP servers for accessible directories and files.
  • Common attack patterns include unauthorized file access through anonymous FTP logins or exploiting weak FTP credentials.

• Security Impact:

  • Direct consequences include unauthorized disclosure of sensitive data.
  • Potential cascading effects could involve further attacks using the exposed data, such as identity theft or credential stuffing.
  • Business impact could be severe, leading to data breaches, loss of customer trust, regulatory fines, and legal liabilities.

• Prevention Guidelines:

  • Specific code-level fixes include configuring the FTP server to restrict access permissions for sensitive directories and files.
  • Security best practices involve regularly auditing and monitoring FTP server configurations and access logs.
  • Recommended tools and frameworks include using secure file transfer protocols like SFTP or FTPS, and implementing network access controls to limit who can connect to the FTP server.
Corgea can automatically detect and fix Storage of File With Sensitive Data Under FTP Root in your codebase. [Try Corgea free today](https://corgea.app).

Technical Details

Likelihood of Exploit: Not specified

Affected Languages: Not Language-Specific

Affected Technologies: Not specified

Various Unix FTP servers require a password file that is under the FTP root, due to use of chroot.

Vulnerable Code Example

import os

def store_sensitive_file(file_content):
    # Vulnerable: Storing sensitive data directly under FTP root directory
    # This makes the file accessible to anyone with access to the FTP server
    with open('/ftp_root/sensitive_data.txt', 'w') as file:
        file.write(file_content)

# Simulated sensitive data
sensitive_content = "user:password123"
store_sensitive_file(sensitive_content)

Explanation of the Vulnerability

  • Insecure Storage Location: The sensitive data is stored directly under the FTP root directory (/ftp_root). This location is typically accessible to anyone with FTP server access, posing a significant risk of unauthorized data exposure.
  • Lack of Encryption: The sensitive data is stored in plaintext, making it easily readable by anyone who gains access to the file.

How to fix Storage of File With Sensitive Data Under FTP Root?

To address the vulnerability, we need to:

  1. Store Sensitive Data Securely: Avoid storing sensitive data in public directories. Use secure storage mechanisms, such as databases with encryption.
  2. Access Control: Implement strict access controls to limit who can access sensitive files.
  3. Encryption: Encrypt sensitive data before storage, so even if unauthorized access occurs, the data remains protected.
  4. Environment Variables and Configuration Files: Store sensitive configuration data in environment variables or secured configuration files outside of public directories.

Fixed Code Example

import os
from cryptography.fernet import Fernet

def store_sensitive_file_securely(file_content):
    # Generate a key for encryption and save it securely (not shown here)
    key = Fernet.generate_key()
    cipher_suite = Fernet(key)
    
    # Encrypt the sensitive content
    encrypted_content = cipher_suite.encrypt(file_content.encode())

    # Store the encrypted data in a secure location outside of the FTP root
    with open('/secure_storage/sensitive_data.txt', 'wb') as file:
        file.write(encrypted_content)

# Simulated sensitive data
sensitive_content = "user:password123"
store_sensitive_file_securely(sensitive_content)

Explanation of the Fix

  • Encryption: The sensitive content is encrypted using the cryptography library. This ensures that even if unauthorized access occurs, the data remains protected and unreadable without the encryption key.
  • Secure Storage Location: The sensitive data is stored in a secure directory (/secure_storage) rather than the FTP root, mitigating the risk of exposure.
  • Key Management: While not shown here, key management is crucial. The encryption key must be stored securely, separate from the data it protects. This example uses Fernet for encryption, which is straightforward to implement and provides robust security.

This approach ensures that sensitive data is both encrypted and stored securely, significantly reducing the risk of unauthorized access.

Corgea Logo

Find this vulnerability and fix it with Corgea

Scan your codebase for CWE-220: Storage of File With Sensitive Data Under FTP Root and get remediation guidance

Start for free and no credit card needed.