CWE-921
Storage of Sensitive Data in a Mechanism without Access Control
The product stores sensitive information in a file system or device that does not have built-in access control.
Official CWE-921 definition at MITREImpactr finds and proves weaknesses like CWE-921 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist