CWE-527: Exposure of Version-Control Repository to an Unauthorized Control Sphere
The product stores a CVS, git, or other repository in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
Last updated
Overview
Version control repositories such as CVS or git store version-specific metadata and other details within subdirectories. If these subdirectories are stored on a web server or added to an archive, then these could be used by an attacker. This information may include usernames, filenames, path root, IP addresses, and detailed "diff" data about how files have been changed - which could reveal source code snippets that were never intended to be made public.
Real-world CVEs
2 recorded CVEs are caused by CWE-527 (Exposure of Version-Control Repository to an Unauthorized Control Sphere). The highest-severity and most recent are shown first.
Common consequences
What can happen when CWE-527 is exploited.
Read Application Data, Read Files or Directories
Affects: Confidentiality
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
Applies to
Technologies
How to prevent it
Practical mitigations for CWE-527, grouped by where in the lifecycle they apply.
Recommendations include removing any CVS directories and repositories from the production server, disabling the use of remote CVS repositories, and ensuring that the latest CVS patches and version updates have been performed.
Frequently asked questions
Common questions about CWE-527.
- What is CWE-527?
- The product stores a CVS, git, or other repository in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
- What CVEs are caused by CWE-527?
- 2 recorded CVEs are attributed to CWE-527, including CVE-2021-21423, CVE-2022-20931.
- How do you prevent CWE-527?
- Recommendations include removing any CVS directories and repositories from the production server, disabling the use of remote CVS repositories, and ensuring that the latest CVS patches and version updates have been performed.
- What are the consequences of CWE-527?
- Exploiting CWE-527 can lead to: Read Application Data, Read Files or Directories.
- Is CWE-527 actively exploited?
- 2 recorded CVEs are caused by CWE-527; none are currently in CISA's KEV catalog of actively exploited flaws.
References
- MITRE CWE definition (CWE-527) (opens in a new tab)
- CWE-527 vulnerabilities on NVD (opens in a new tab)
- Learn: What is a CWE?
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.
Stay ahead of CWE-527
Get alerted the moment a new CWE-527 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.