CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Description
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79
CVEs mapped to this weakness (5,467)
page 191 of 274| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-3373 | 0.00 | — | 0.00 | Apr 21, 2015 | The Amazon AWS module before 7.x-1.3 for Drupal uses the base URL and AWS access key to generate the access token, which makes it easier for remote attackers to guess the token value and create backups via a crafted URL. | |||
| CVE-2015-1247 | — | 0.00 | — | 0.01 | Apr 19, 2015 | The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local files via a crafted (1) http or (2) https web site. | ||
| CVE-2015-1244 | — | 0.00 | — | 0.01 | Apr 19, 2015 | The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic. | ||
| CVE-2015-0969 | 0.00 | — | 0.01 | Apr 18, 2015 | SearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true action to the _cluster/health URI. | |||
| CVE-2015-0938 | 0.00 | — | 0.00 | Apr 17, 2015 | search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to bypass intended access restrictions, and list or read arbitrary documents, by providing matching keywords in conjunction with a crafted parameter. | |||
| CVE-2015-3320 | 0.00 | — | 0.00 | Apr 16, 2015 | Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code in SKHOOKS.DLL, which allows local users to obtain keypress information by accessing debug output. | |||
| CVE-2015-1314 | 0.00 | — | 0.00 | Apr 16, 2015 | The USAA Mobile Banking application before 7.10.1 for Android displays the most recently-used screen before prompting the user for login, which might allow physically proximate users to obtain banking account numbers and balances. | |||
| CVE-2015-3319 | 0.00 | — | 0.00 | Apr 16, 2015 | Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | |||
| CVE-2015-3044 | 0.00 | — | 0.02 | Apr 14, 2015 | Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. | |||
| CVE-2015-3040 | 0.00 | — | 0.01 | Apr 14, 2015 | Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357. | |||
| CVE-2015-0357 | — | 0.00 | — | 0.01 | Apr 14, 2015 | Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3040. | ||
| CVE-2015-3293 | — | 0.00 | — | 0.00 | Apr 14, 2015 | FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain credentials via the "diag debug application httpd" command. | ||
| CVE-2015-0844 | 0.00 | — | 0.01 | Apr 14, 2015 | The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file. | |||
| CVE-2015-2935 | 0.00 | — | 0.00 | Apr 13, 2015 | MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to bypass the SVG filtering and obtain sensitive user information via a mixed case @import in a style element in an SVG file, as demonstrated by "@imporT." | |||
| CVE-2015-1415 | 0.00 | — | 0.00 | Apr 10, 2015 | The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file. | |||
| CVE-2015-1148 | 0.00 | — | 0.00 | Apr 10, 2015 | Screen Sharing in Apple OS X before 10.10.3 stores the password of a user in a log file, which might allow context-dependent attackers to obtain sensitive information by reading this file. | |||
| CVE-2015-1147 | 0.00 | — | 0.00 | Apr 10, 2015 | Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by sniffing the network. | |||
| CVE-2015-1128 | 0.00 | — | 0.00 | Apr 10, 2015 | The private-browsing implementation in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests. | |||
| CVE-2015-1127 | 0.00 | — | 0.00 | Apr 10, 2015 | The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries. | |||
| CVE-2015-1116 | 0.00 | — | 0.00 | Apr 10, 2015 | The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen. |
- CVE-2015-3373Apr 21, 2015risk 0.00cvss —epss 0.00
The Amazon AWS module before 7.x-1.3 for Drupal uses the base URL and AWS access key to generate the access token, which makes it easier for remote attackers to guess the token value and create backups via a crafted URL.
- CVE-2015-1247Apr 19, 2015risk 0.00cvss —epss 0.01
The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local files via a crafted (1) http or (2) https web site.
- CVE-2015-1244Apr 19, 2015risk 0.00cvss —epss 0.01
The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic.
- CVE-2015-0969Apr 18, 2015risk 0.00cvss —epss 0.01
SearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true action to the _cluster/health URI.
- CVE-2015-0938Apr 17, 2015risk 0.00cvss —epss 0.00
search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to bypass intended access restrictions, and list or read arbitrary documents, by providing matching keywords in conjunction with a crafted parameter.
- CVE-2015-3320Apr 16, 2015risk 0.00cvss —epss 0.00
Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code in SKHOOKS.DLL, which allows local users to obtain keypress information by accessing debug output.
- CVE-2015-1314Apr 16, 2015risk 0.00cvss —epss 0.00
The USAA Mobile Banking application before 7.10.1 for Android displays the most recently-used screen before prompting the user for login, which might allow physically proximate users to obtain banking account numbers and balances.
- CVE-2015-3319Apr 16, 2015risk 0.00cvss —epss 0.00
Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
- CVE-2015-3044Apr 14, 2015risk 0.00cvss —epss 0.02
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
- CVE-2015-3040Apr 14, 2015risk 0.00cvss —epss 0.01
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357.
- CVE-2015-0357Apr 14, 2015risk 0.00cvss —epss 0.01
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3040.
- CVE-2015-3293Apr 14, 2015risk 0.00cvss —epss 0.00
FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain credentials via the "diag debug application httpd" command.
- CVE-2015-0844Apr 14, 2015risk 0.00cvss —epss 0.01
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.
- CVE-2015-2935Apr 13, 2015risk 0.00cvss —epss 0.00
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to bypass the SVG filtering and obtain sensitive user information via a mixed case @import in a style element in an SVG file, as demonstrated by "@imporT."
- CVE-2015-1415Apr 10, 2015risk 0.00cvss —epss 0.00
The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.
- CVE-2015-1148Apr 10, 2015risk 0.00cvss —epss 0.00
Screen Sharing in Apple OS X before 10.10.3 stores the password of a user in a log file, which might allow context-dependent attackers to obtain sensitive information by reading this file.
- CVE-2015-1147Apr 10, 2015risk 0.00cvss —epss 0.00
Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitive information by sniffing the network.
- CVE-2015-1128Apr 10, 2015risk 0.00cvss —epss 0.00
The private-browsing implementation in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests.
- CVE-2015-1127Apr 10, 2015risk 0.00cvss —epss 0.00
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.
- CVE-2015-1116Apr 10, 2015risk 0.00cvss —epss 0.00
The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the Task Switcher, which makes it easier for physically proximate attackers to obtain sensitive information by reading the device screen.