Old/Backup Resource Found
Impact: Low
Description
Old or backup files left accessible on a web server can inadvertently expose sensitive information such as source code, administrative interfaces, or credentials. These files may provide attackers with valuable insights into the application’s architecture and potentially aid in exploiting vulnerabilities.
Recommendation
To mitigate the risk of information disclosure, regularly audit web server directories for old or backup files and remove them from publicly accessible locations. Implement measures to prevent automatic creation or copying of backup files into these directories.
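One way to run the directory audit recommended above, as an added example that is not part of the original advisory. The filename patterns, the function names and the sample tree are assumptions chosen for illustration; extend the patterns to match the editors and deployment tools in use.

```python
import os
import re
import tempfile

# Assumed heuristics for names that usually indicate a leftover copy.
BACKUP_NAME = re.compile(
    r"""(
        \.(bak|old|orig|save|backup|tmp|swp|swo)$   # backup / editor swap suffixes
      | ~$                                          # editor backup, e.g. login.php~
      | \.\w+\.\d+$                                 # numbered copy, e.g. config.php.1
      | \.(zip|tar|tgz|gz|7z|rar|sql|dump)$         # archives and database dumps
      | ^(copy\ of\ |backup[-_ ])                   # "Copy of x", "backup_x"
    )""",
    re.IGNORECASE | re.VERBOSE,
)

def find_backup_files(web_root):
    """Return sorted paths, relative to web_root, whose names look like backups."""
    hits = []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            if BACKUP_NAME.search(name):
                rel = os.path.relpath(os.path.join(dirpath, name), web_root)
                hits.append(rel.replace(os.sep, "/"))
    return sorted(hits)

def demo():
    """Build a constructed document root and audit it."""
    sample = [  # constructed file names, not taken from any real site
        "index.php", "index.php.bak", "config.php.old", "site-backup.zip",
        "admin/login.php", "admin/login.php~", "db/site.sql",
        "css/style.css", "js/app.min.js",
    ]
    with tempfile.TemporaryDirectory() as root:
        for rel in sample:
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("placeholder\n")
        return find_backup_files(root)

if __name__ == "__main__":
    for hit in demo():
        print("review and remove:", hit)
```

Run it against the real document root on a schedule or as a deployment gate, and treat every hit as a file to move out of the served tree.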
References
- CWE-200
- CWE-530
- OWASP 2021-A5
- OWASP: Review Old Backup and Unreferenced Files for Sensitive Information
Last updated on May 13, 2024