Directory Listing of Sensitive Files

Impact: Low

Description

Directory listing of sensitive files occurs when directory listing, if enabled, exposes the complete index of resources within a directory to potential attackers. This can lead to unauthorized access to sensitive files and directories, potentially exposing confidential information or critical system files.

Recommendation

To prevent directory listing of sensitive files:

Create a default index file (e.g., index.html) within directories to serve as the entry point.
Disable directory listing in the web server configurations to prevent the exposure of directory contents.

References

CWE-200
CWE-548
OWASP 2021-A5

👉 You might also like:

Directory Listing - Vulnerability

Microsoft IIS Tilde Directory Enumeration - Vulnerability

Apache Version Disclosure - Vulnerability

ASP.NET Version Disclosure - Vulnerability

Last updated on May 13, 2024

Directory Listing of Sensitive Files

Description

Recommendation

References

This issue is available in SmartScanner Professional