Last update: February 19, 2023 Exposure of Access Control List Files to an Unauthorized Control Sphere The product stores access control list files in a directory or other container that is accessible to actors outside of the intended control sphere.