CWE-459 Detail

CWE-459

Incomplete Cleanup
Draft
2006-07-19
00h00 +00:00
2025-12-11
00h00 +00:00
CWE Mitre.org
Meldingen voor een CWE
Blijf op de hoogte van wijzigingen voor een specifieke CWE.
Meldingen beheren

Naam: Incomplete Cleanup

The product does not properly "clean up" and remove temporary or supporting resources after they have been used.

Algemene informatie

Introductiemodi

Implementation

Toepasselijke platforms

Taal

Class: Not Language-Specific (Undetermined)

Veelvoorkomende gevolgen

Bereik Impact Waarschijnlijkheid
Other
Confidentiality
Integrity		Other, Read Application Data, Modify Application Data, DoS: Resource Consumption (Other)

Note: It is possible to overflow the number of temporary files because directories typically have limits on the number of files allowed. This could create a denial of service problem.

Waargenomen voorbeelden

Referenties Beschrijving

CVE-2000-0552

World-readable temporary file not deleted after use.

CVE-2005-2293

Temporary file not deleted after use, leaking database usernames and passwords.

CVE-2002-0788

Interaction error creates a temporary file that can not be deleted due to strong permissions.

CVE-2002-2066

Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak).

CVE-2002-2067

Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak).

CVE-2002-2068

Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak).

CVE-2002-2069

Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak).

CVE-2002-2070

Alternate data streams for NTFS files are not cleared when files are wiped (alternate channel / infoleak).

CVE-2005-1744

Users not logged out when application is restarted after security-relevant changes were made.

Mogelijke risicobeperkingen

Phases : Architecture and Design // Implementation
Temporary files and other supporting resources should be deleted/released immediately after they are no longer needed.

Detectiemethoden

Automated Static Analysis

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
Effectiviteit : High

Notities kwetsbaarheidsmapping

Rechtvaardiging : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Opmerking : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Notities

CWE-459 is a child of CWE-404 because, while CWE-404 covers any type of improper shutdown or release of a resource, CWE-459 deals specifically with a multi-step shutdown process in which a crucial step for "proper" cleanup is omitted or impossible. That is, CWE-459 deals specifically with a cleanup or shutdown process that does not successfully remove all potentially sensitive data.
Overlaps other categories such as permissions and containment. Concept needs further development. This could be primary (e.g. leading to infoleak) or resultant (e.g. resulting from unhandled error conditions or early termination).

Indiening

Naam Organisatie Datum Releasedatum Version
PLOVER 2006-07-19 +00:00 2006-07-19 +00:00 Draft 3

Wijzigingen

Naam Organisatie Datum Opmerking
Sean Eidemiller Cigital 2008-07-01 +00:00 added/updated demonstrative examples
Eric Dalci Cigital 2008-07-01 +00:00 updated Time_of_Introduction
CWE Content Team MITRE 2008-09-08 +00:00 updated Relationships, Other_Notes, Taxonomy_Mappings
CWE Content Team MITRE 2009-05-27 +00:00 updated Relationship_Notes, Relationships
CWE Content Team MITRE 2011-06-01 +00:00 updated Common_Consequences, Relationships, Taxonomy_Mappings
CWE Content Team MITRE 2012-05-11 +00:00 updated Relationships, Taxonomy_Mappings
CWE Content Team MITRE 2012-10-30 +00:00 updated Potential_Mitigations
CWE Content Team MITRE 2014-06-23 +00:00 updated Common_Consequences, Other_Notes, Relationship_Notes
CWE Content Team MITRE 2014-07-30 +00:00 updated Relationships, Taxonomy_Mappings
CWE Content Team MITRE 2017-11-08 +00:00 updated Applicable_Platforms, Taxonomy_Mappings
CWE Content Team MITRE 2019-01-03 +00:00 updated Relationships, Taxonomy_Mappings
CWE Content Team MITRE 2019-06-20 +00:00 updated Relationships
CWE Content Team MITRE 2020-08-20 +00:00 updated Relationships
CWE Content Team MITRE 2023-01-31 +00:00 updated Description
CWE Content Team MITRE 2023-04-27 +00:00 updated Detection_Factors, Relationships, Time_of_Introduction
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes
CWE Content Team MITRE 2025-12-11 +00:00 updated Weakness_Ordinalities
De informatie die op CVE Find wordt gepresenteerd, is afkomstig van verschillende zorgvuldig geselecteerde referentiebronnen. CVE-gegevens worden geleverd door MITRE Corporation en de National Vulnerability Database (NVD). De Known Exploited Vulnerabilities (KEV)-catalogus is afkomstig van de Cybersecurity and Infrastructure Security Agency (CISA), terwijl EPSS-scores afkomstig zijn van FIRST.org. Daarnaast worden gegevens over softwarezwakheden (CWE) en veelvoorkomende aanvalspatronen (CAPEC) bijgehouden door MITRE Corporation, en informatie over hardware- en softwareconfiguraties (CPE) wordt geleverd door de NVD.