1. Home
  2. CWE Database
  3. CWE-377
Class · High

CWE-377: Insecure Temporary File

Creating and using insecure temporary files can leave application and system data vulnerable to attack.

CWE-377 · Class Level ·1 CVEs

Description

Creating and using insecure temporary files can leave application and system data vulnerable to attack.

Potential Impact

Confidentiality, Integrity

Read Files or Directories, Modify Files or Directories

Demonstrative Examples

The following code uses a temporary file for storing intermediate data gathered from the network before it is processed.
Bad
if (tmpnam_r(filename)) {
                        
                           FILE* tmp = fopen(filename,"wb+");while((recv(sock,recvbuf,DATA_SIZE, 0) > 0)&(amt!=0)) amt = fwrite(recvbuf,1,DATA_SIZE,tmp);
                     }...
This otherwise unremarkable code is vulnerable to a number of different attacks because it relies on an insecure method for creating temporary files. The vulnerabilities introduced by this function and others are described in the following sections. The most egregious security problems related to temporary file creation have occurred on Unix-based operating systems, but Windows applications have parallel risks. This section includes a discussion of temporary file creation on both Unix and Windows systems. Methods and behaviors can vary between systems, but the fundamental risks introduced by each are reasonably constant.

Detection Methods

  • Automated Static Analysis High — Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then sea

Real-World CVE Examples

CVE IDDescription
CVE-2022-41954A library uses the Java File.createTempFile() method which creates a file with "-rw-r--r--" default permissions on Unix-like operating systems

CWE-668: Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the...

Taxonomy Mappings

  • 7 Pernicious Kingdoms: — Insecure Temporary File
  • CERT C Secure Coding: CON33-C — Avoid race conditions when using library functions
  • The CERT Oracle Secure Coding Standard for Java (2011): FIO00-J — Do not operate on files in shared directories

Frequently Asked Questions

What is CWE-377?

CWE-377 (Insecure Temporary File) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Class-level weakness. Creating and using insecure temporary files can leave application and system data vulnerable to attack.

How can CWE-377 be exploited?

Attackers can exploit CWE-377 (Insecure Temporary File) to read files or directories, modify files or directories. This weakness is typically introduced during the Implementation phase of software development.

How do I prevent CWE-377?

Follow secure coding practices, conduct code reviews, and use automated security testing tools (SAST/DAST) to detect this weakness early in the development lifecycle.

What is the severity of CWE-377?

CWE-377 is classified as a Class-level weakness (High abstraction). It has been observed in 1 real-world CVEs.