Insecurely deleted files

Description

It is possible to retrieve deleted files with sensitive information because they were merely sent to the Recycle Bin or removed using insecure protocols.

Impact

Recover, through unauthorized access, deleted files that contain sensitive information.

Recommendation

Good practices must be followed for the cleaning, deletion, and destruction of sensitive information (Policies).

Threat

Authenticated attacker from local network.

Expected Remediation Time

⌚ 15 minutes.

Score

Default score using CVSS 3.1. It may change depending on the context of the vulnerability.

Base

  • Attack vector: N
  • Attack complexity: L
  • Privileges required: N
  • User interaction: N
  • Scope: U
  • Confidentiality: N
  • Integrity: N
  • Availability: N

Temporal

  • Exploit code maturity: X
  • Remediation level: X
  • Report confidence: X

Result

  • Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N/E:X/RL:X/RC:X
  • Score:
    • Base: 0.0
    • Temporal: 0.0
  • Severity:
    • Base: None
    • Temporal: None

Code Examples

Compliant code

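A recommended practice is to overwrite the contents of a file before deleting it.

using System.IO;
public partial class WebForm : System.Web.UI.Page {
    // Overwrite the file's bytes in place with zeros, flush to disk, then delete it.
    protected void DeleteFile(string fileToDelete) {
        using (var fs = new FileStream(fileToDelete, FileMode.Open, FileAccess.Write)) {
            byte[] zeros = new byte[fs.Length];
            fs.Write(zeros, 0, zeros.Length);
            fs.Flush(true);
        }
        File.Delete(fileToDelete);
    }
}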
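
A fuller form of the overwrite-then-delete practice described above, as an added example that is not part of the original page: it overwrites in fixed-size chunks with random bytes, flushes to the device, and renames the file before deleting it. The names SecureFileEraser, OverwriteAndDelete and ChunkSize are assumptions chosen for illustration.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;

// Hypothetical helper (not from the original page).
public static class SecureFileEraser
{
    // Overwrite in 64 KiB chunks so large files are never loaded into memory.
    private const int ChunkSize = 64 * 1024;

    // Overwrites the file in place with random bytes, forces the write to disk,
    // renames it so the original name is not left in the directory entry,
    // then deletes it. Returns the number of bytes overwritten.
    public static long OverwriteAndDelete(string path)
    {
        long written = 0;
        byte[] buffer = new byte[ChunkSize];

        using (var rng = RandomNumberGenerator.Create())
        using (var fs = new FileStream(path, FileMode.Open, FileAccess.Write, FileShare.None))
        {
            long remaining = fs.Length;
            while (remaining > 0)
            {
                int count = (int)Math.Min(buffer.Length, remaining);
                rng.GetBytes(buffer);
                fs.Write(buffer, 0, count);
                remaining -= count;
                written += count;
            }
            fs.Flush(true); // flush OS buffers to the device, not only the stream
        }

        string dir = Path.GetDirectoryName(Path.GetFullPath(path));
        string renamed = Path.Combine(dir, Path.GetRandomFileName());
        File.Move(path, renamed);
        File.Delete(renamed);
        return written;
    }

    public static void Main()
    {
        // Constructed sample: a temporary file holding a fake secret.
        string path = Path.GetTempFileName();
        File.WriteAllText(path, "constructed-sample-secret");
        long n = OverwriteAndDelete(path);
        Console.WriteLine($"{n} bytes overwritten, exists afterwards: {File.Exists(path)}");
    }
}
```

In-place overwriting is not guaranteed to reach the original physical blocks on SSDs with wear levelling or on copy-on-write and snapshotting filesystems, and it does not touch backups or earlier copies of the file. Where those apply, encrypting the data at rest and destroying the key is the more dependable control.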

Non compliant code

The files are deleted without making changes to their content, which could still allow for information to be retrieved.

using System.IO;
public partial class WebForm : System.Web.UI.Page {
    // Non-compliant: the file is deleted but its contents are left intact on disk.
    protected void DeleteFile(string fileToDelete) {
        File.Delete(fileToDelete);
    }
}

Requirements