VYPR

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

ClassDraftLikelihood: High

Description

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79

CVEs mapped to this weakness (7,319)

page 1 of 366
  • CVE-2018-5430HigKEVApr 17, 2018
    risk 0.76cvss 8.8epss 0.49

    The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contain a…

  • CVE-2018-7251CriFeb 19, 2018
    risk 0.73cvss 9.8epss 0.72

    An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.

  • CVE-2017-11165CriJul 12, 2017
    risk 0.72cvss 9.8epss 0.64

    dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.

  • CVE-2016-10175CriJan 30, 2017
    risk 0.72cvss 9.8epss 0.65

    The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulnerability that allows…

  • CVE-2008-0655HigKEVFeb 7, 2008
    risk 0.72cvss 8.8epss 0.37

    Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.

  • CVE-2018-12634CriJun 22, 2018
    risk 0.71cvss 9.8epss 0.58

    CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.

  • CVE-2018-9126CriApr 4, 2018
    risk 0.71cvss 9.8epss 0.50

    The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI.

  • CVE-2016-6415HigKEVSep 19, 2016
    risk 0.71cvss 7.5epss 0.88

    The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA)…

  • CVE-2018-0127CriFeb 8, 2018
    risk 0.70cvss 9.8epss 0.78

    A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device, which could lead to the disclosure of…

  • CVE-2018-15534CriAug 21, 2018
    risk 0.69cvss 9.8epss 0.32

    Geutebrueck re_porter 16 before 7.8.974.20 has a possibility of unauthenticated access to sensitive information including usernames and hashes via a direct request for /statistics/gscsetup.xml on TCP port 12003.

  • CVE-2016-2298CriMay 14, 2016
    risk 0.69cvss 9.8epss 0.24

    Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors.

  • CVE-2018-14328CriJul 23, 2018
    risk 0.68cvss 9.8epss 0.11

    Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for /dashboard/addplan, /dashboard/paywithcard/charge, /dashboard/withdrawal, or /privacy&terms, as demonstrated by reading…

  • CVE-2018-12908CriJun 27, 2018
    risk 0.68cvss 9.8epss 0.11

    Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials.

  • CVE-2018-5726CriJan 16, 2018
    risk 0.68cvss 9.8epss 0.20

    MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings.

  • CVE-2014-6437CriJan 12, 2018
    risk 0.68cvss 9.8epss 0.16

    Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain sensitive device configuration information via vectors involving the ROM file.

  • CVE-2017-11435CriJul 19, 2017
    risk 0.68cvss 9.8epss 0.10

    The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router is not validating…

  • CVE-2015-7247CriApr 24, 2017
    risk 0.68cvss 9.8epss 0.10

    D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information.

  • CVE-2025-11749CriNov 5, 2025
    risk 0.67cvss 9.8epss 0.76

    The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the 'Bearer Token' value when 'No-Auth URL' is enabled. This makes it possible for unauthenticated…

  • CVE-2017-11502CriJul 20, 2017
    risk 0.67cvss 9.8epss 0.07

    Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with "GET /../" on TCP port 4321.

  • CVE-2017-5496CriMar 15, 2017
    risk 0.67cvss 9.8epss 0.06

    Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of a password hash.