082 – Insecurely deleted files

Description

It is possible to retrieve deleted files with sensitive information because they were merely sent to the Recycle Bin or removed using insecure protocols.

Impact

Recover with unauthorized access, deleted files with sensitive information.

Recommendation

Good practices must be followed to clean, delete, and destruction of sensitive information (Policies).

Threat

Anonymous attacker from local network.

Expected Remediation Time

15 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

• Attack vector: L
• Attack complexity: L
• Attack Requirements: N
• Privileges required: N
• User interaction: N
• Confidentiality (VC): L
• Integrity (VI): N
• Availability (VA): N
• Confidentiality (SC): N
• Integrity (SI): N
• Availability (SA): N

Threat 4.0

• Exploit maturity: U

Requirements

• 183 - Delete sensitive data securely

Fixes

• Go
• Java
• Python
• Ruby
• Scala

Last updated

2024/02/12