CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

ClassDraftLikelihood: High

Description

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Hierarchy (View 1000)

Parents

CWE-668

Children

Related attack patterns (CAPEC)

CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79

CVEs mapped to this weakness (5,448)

page 111 of 273

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-3232	Med	0.34	5.0	0.17	Jun 16, 2016	The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted application, aka "Windows Virtual PCI Information Disclosure Vulnerability."
CVE-2016-3216	Med	0.34	4.3	0.38	Jun 16, 2016	GDI32.dll in the Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windows Graphics Component Information Disclosure Vulnerability."
CVE-2016-4536	Med	0.34	5.3	0.00	May 13, 2016	The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic.
CVE-2016-1199	Med	0.34	5.3	0.00	Apr 30, 2016	The login page in the management screen in LOCKON EC-CUBE 3.0.0 through 3.0.9 allows remote attackers to bypass intended IP address restrictions via unspecified vectors, a different vulnerability than CVE-2016-1200.
CVE-2016-2302	Med	0.34	5.3	0.00	Apr 22, 2016	Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.
CVE-2016-2212	Med	0.34	5.3	0.00	Apr 15, 2016	The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.9.2.3 allows remote attackers to obtain sensitive order information via the order_id in a JSON object in the data parameter in an RSS feed request to index.php/rss/order/status.
CVE-2016-1378	Med	0.34	5.3	0.00	Apr 14, 2016	Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote attackers to obtain potentially sensitive software-version information via a request to the Network Mobility Services Protocol (NMSP) port, aka Bug ID CSCum62591.
CVE-2016-3170	Med	0.34	5.3	0.01	Apr 12, 2016	The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configuration that permits using an email address to login and a module that permits logging in.
CVE-2015-8537	Med	0.34	5.3	0.00	Apr 12, 2016	app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to obtain sensitive information by viewing an Atom feed.
CVE-2014-9759	Med	0.34	5.3	0.00	Apr 11, 2016	Incomplete blacklist vulnerability in the config_is_private function in config_api.php in MantisBT 1.3.x before 1.3.0 allows remote attackers to obtain sensitive master salt configuration information via a SOAP API request.
CVE-2016-0790	Med	0.34	5.3	0.00	Apr 7, 2016	Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify API tokens, which makes it easier for remote attackers to determine API tokens via a brute-force approach.
CVE-2016-3973	Med	0.34	5.3	0.01	Apr 7, 2016	The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing "Add users", and doing a search, aka SAP Security Note 2255990.
CVE-2016-1787	Med	0.34	5.3	0.00	Mar 24, 2016	Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.
CVE-2016-0825	Med	0.34	5.3	0.00	Mar 12, 2016	The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039.
CVE-2016-0824	Med	0.34	5.3	0.00	Mar 12, 2016	libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25765591.
CVE-2015-6485	Med	0.34	5.3	0.00	Mar 12, 2016	Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.
CVE-2016-1357	Med	0.34	5.3	0.00	Mar 3, 2016	The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID CSCut85211.
CVE-2016-1342	Med	0.34	5.3	0.01	Feb 26, 2016	The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID CSCuy36654.
CVE-2016-2044	Med	0.34	5.3	0.00	Feb 20, 2016	libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
CVE-2016-2042	Med	0.34	5.3	0.01	Feb 20, 2016	phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request to (1) libraries/phpseclib/Crypt/AES.php or (2) libraries/phpseclib/Crypt/Rijndael.php, which reveals the full path in an error message.

CVE-2016-3232MedJun 16, 2016
risk 0.34cvss 5.0epss 0.17
The Virtual PCI (VPCI) virtual service provider in Microsoft Windows Server 2012 Gold and R2 allows local users to obtain sensitive information from uninitialized memory locations via a crafted application, aka "Windows Virtual PCI Information Disclosure Vulnerability."
CVE-2016-3216MedJun 16, 2016
risk 0.34cvss 4.3epss 0.38
GDI32.dll in the Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windows Graphics Component Information Disclosure Vulnerability."
CVE-2016-4536MedMay 13, 2016
risk 0.34cvss 5.3epss 0.00
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic.
CVE-2016-1199MedApr 30, 2016
risk 0.34cvss 5.3epss 0.00
The login page in the management screen in LOCKON EC-CUBE 3.0.0 through 3.0.9 allows remote attackers to bypass intended IP address restrictions via unspecified vectors, a different vulnerability than CVE-2016-1200.
CVE-2016-2302MedApr 22, 2016
risk 0.34cvss 5.3epss 0.00
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.
CVE-2016-2212MedApr 15, 2016
risk 0.34cvss 5.3epss 0.00
The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.9.2.3 allows remote attackers to obtain sensitive order information via the order_id in a JSON object in the data parameter in an RSS feed request to index.php/rss/order/status.
CVE-2016-1378MedApr 14, 2016
risk 0.34cvss 5.3epss 0.00
Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote attackers to obtain potentially sensitive software-version information via a request to the Network Mobility Services Protocol (NMSP) port, aka Bug ID CSCum62591.
CVE-2016-3170MedApr 12, 2016
risk 0.34cvss 5.3epss 0.01
The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configuration that permits using an email address to login and a module that permits logging in.
CVE-2015-8537MedApr 12, 2016
risk 0.34cvss 5.3epss 0.00
app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to obtain sensitive information by viewing an Atom feed.
CVE-2014-9759MedApr 11, 2016
risk 0.34cvss 5.3epss 0.00
Incomplete blacklist vulnerability in the config_is_private function in config_api.php in MantisBT 1.3.x before 1.3.0 allows remote attackers to obtain sensitive master salt configuration information via a SOAP API request.
CVE-2016-0790MedApr 7, 2016
risk 0.34cvss 5.3epss 0.00
Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify API tokens, which makes it easier for remote attackers to determine API tokens via a brute-force approach.
CVE-2016-3973MedApr 7, 2016
risk 0.34cvss 5.3epss 0.01
The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing "Add users", and doing a search, aka SAP Security Note 2255990.
CVE-2016-1787MedMar 24, 2016
risk 0.34cvss 5.3epss 0.00
Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.
CVE-2016-0825MedMar 12, 2016
risk 0.34cvss 5.3epss 0.00
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039.
CVE-2016-0824MedMar 12, 2016
risk 0.34cvss 5.3epss 0.00
libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25765591.
CVE-2015-6485MedMar 12, 2016
risk 0.34cvss 5.3epss 0.00
Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.
CVE-2016-1357MedMar 3, 2016
risk 0.34cvss 5.3epss 0.00
The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID CSCut85211.
CVE-2016-1342MedFeb 26, 2016
risk 0.34cvss 5.3epss 0.01
The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID CSCuy36654.
CVE-2016-2044MedFeb 20, 2016
risk 0.34cvss 5.3epss 0.00
libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
CVE-2016-2042MedFeb 20, 2016
risk 0.34cvss 5.3epss 0.01
phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request to (1) libraries/phpseclib/Crypt/AES.php or (2) libraries/phpseclib/Crypt/Rijndael.php, which reveals the full path in an error message.