Backup File

medium Web App Scanning Plugin ID 98074

Synopsis

Backup File

Description

A common practice when administering web applications is to create a copy/backup of a particular file or directory prior to making any modification to the file. Another common practice is to add an extension or change the name of the original file to signify that it is a backup (examples include `.bak`, `.orig`, `.backup`, etc.).

During the initial recon stages of an attack, attackers attempt to locate backup files by appending common extensions to files already discovered on the web server (for example requesting `config.php.bak` once `config.php` is known). By comparing the status code and body of each response with the server's normal not-found response, they can determine whether the backup file exists. Such files can then assist in the compromise of the web application: a backup of a server-side script is usually served as plain text rather than executed, which discloses source code and any embedded credentials, and an older copy of a configuration file may reveal keys or settings that are still valid.

By utilising the same method, the scanner was able to discover a possible backup file.
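The probe described above, as an added example that is not the scanner's own code: for each discovered URL it derives candidate backup names (the suffix list and editor swap-file patterns are an assumed, representative set, not the plugin's wordlist), fetches them, and reports a hit only when the response differs from the site's own not-found response, so that soft-404 pages returning 200 do not produce false positives. The `FAKE_SITE` dictionary and its contents are constructed for the demonstration; `http_fetch` is the real fetcher you would pass when running against a host you are authorised to test.

```python
"""Probe discovered URLs for leftover backup copies (added example)."""
import random
import string
import urllib.error
import urllib.request
from urllib.parse import urlsplit, urlunsplit

# Assumption: a representative set of leftovers, not an exhaustive wordlist.
BACKUP_SUFFIXES = (".bak", ".orig", ".backup", ".old", ".save", ".copy", "~")
REPLACED_EXTENSIONS = (".bak", ".old", ".txt")            # config.php -> config.bak
SWAP_PATTERNS = ("{dir}.{name}.swp", "{dir}#{name}#")     # vim / emacs leftovers


def backup_candidates(url):
    """Return candidate backup URLs derived from one discovered file URL."""
    parts = urlsplit(url)
    path = parts.path
    if path.endswith("/"):
        return []                                          # directories: out of scope here
    directory, _, name = path.rpartition("/")
    directory += "/"
    stem, dot, _ext = name.rpartition(".")
    paths = [directory + name + suffix for suffix in BACKUP_SUFFIXES]
    if dot:
        paths += [directory + stem + new_ext for new_ext in REPLACED_EXTENSIONS]
    paths += [p.format(dir=directory, name=name) for p in SWAP_PATTERNS]
    seen, unique = set(), []
    for p in paths:
        if p != path and p not in seen:                   # drop the original and duplicates
            seen.add(p)
            unique.append(urlunsplit((parts.scheme, parts.netloc, p, "", "")))
    return unique


def http_fetch(url, timeout=10):
    """Fetch a URL and return (status, body); HTTP errors keep their status."""
    req = urllib.request.Request(url, headers={"User-Agent": "backup-probe/0.1"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as exc:
        return exc.code, exc.read()
    except urllib.error.URLError:
        return 0, b""


def find_backups(discovered_urls, fetch=http_fetch):
    """Probe candidates; report those that differ from the not-found baseline."""
    findings = []
    for url in discovered_urls:
        parts = urlsplit(url)
        directory = parts.path.rpartition("/")[0] + "/"
        # Baseline: a random name that cannot exist, so a soft-404 (200 with a
        # generic body) is recognised instead of trusting the status code alone.
        junk = "".join(random.choices(string.ascii_lowercase, k=12))
        baseline = fetch(urlunsplit((parts.scheme, parts.netloc,
                                     directory + junk + ".bak", "", "")))
        for cand in backup_candidates(url):
            status, body = fetch(cand)
            if status != 200 or (status, body) == baseline:
                continue
            findings.append({
                "url": cand,
                "size": len(body),
                # Source markers in the body mean the file was served, not executed.
                "source_code": b"<?php" in body or b"<%" in body,
            })
    return findings


# Constructed fake site for an offline run: the executed script returns an
# empty page, its .bak copy leaks source, and a vim swap file was left behind.
FAKE_SITE = {
    "https://example.test/config.php": (200, b""),
    "https://example.test/config.php.bak": (200, b"<?php\n$db_pass = 'hunter2';\n"),
    "https://example.test/.index.php.swp": (200, b"b0VIM 8.2\x00\x00"),
}


def fake_fetch(url):
    """Stand-in fetcher: unknown paths get a soft-404 (200 + generic body)."""
    return FAKE_SITE.get(url, (200, b"<html>Page not found</html>"))


if __name__ == "__main__":
    for hit in find_backups(["https://example.test/config.php",
                             "https://example.test/index.php"], fake_fetch):
        print(hit)
```

Against a real target, pass `http_fetch` (or a session-aware fetcher if the files sit behind authentication) instead of `fake_fetch`, and keep the per-directory baseline: sites that answer every unknown path with 200 are exactly the ones where a status-only check reports every candidate as present.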

Solution

Do not keep obsolete versions of files under the virtual web server root; store backups outside the document root or in a version control system instead. As a defence in depth, configure the web server to refuse to serve files with common backup and editor extensions (`.bak`, `.orig`, `.old`, `.swp` and similar) so that a stray copy is not exposed. If the detected file(s) contained sensitive information such as credentials or private API keys, ensure that they have been rotated and are no longer active.

See Also

http://www.webappsec.org/projects/threat/classes/information_leakage.shtml

https://www.owasp.org/index.php/Review_Old,_Backup_and_Unreferenced_Files_for_Sensitive_Information_(OTG-CONFIG-004)

Plugin Details

Severity: Medium

ID: 98074

Type: remote

Published: 3/31/2017

Updated: 2/10/2023

Scan Template: api, basic, full, pci, scan

Risk Information

VPR

Risk Factor: Low

Score: 3.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: Tenable

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS Score Source: Tenable

Reference Information