CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

ClassDraftLikelihood: High

Description

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Hierarchy (View 1000)

Parents

CWE-668

Children

Related attack patterns (CAPEC)

CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79

CVEs mapped to this weakness (5,465)

page 208 of 274

CVE	CVSS	EPSS	Published	Description
CVE-2014-0174	—	0.00	Jul 11, 2014	Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
CVE-2014-4022	—	0.00	Jul 9, 2014	The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators to obtain sensitive information via the GNTTABOP_setup_table subhypercall.
CVE-2014-2510	—	0.01	Jul 8, 2014	The JAXB XML parser in EMC Documentum Foundation Services (DFS) 6.6 before P39, 6.7 SP1 before P28, and 6.7 SP2 before P15, as used in My Documentum for Desktop, My Documentum for Microsoft Outlook, and CenterStage, allows remote authenticated users to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2014-3481	—	0.01	Jul 7, 2014	org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue.
CVE-2013-5423	—	0.00	Jul 7, 2014	IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows remote attackers to enumerate user accounts via unspecified vectors.
CVE-2014-4692	—	0.00	Jul 2, 2014	pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
CVE-2014-3066	—	0.01	Jul 2, 2014	IBM Tivoli Endpoint Manager 9.1 before 9.1.1088.0 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2014-3494	—	0.00	Jul 1, 2014	kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate.
CVE-2014-1361	—	0.01	Jul 1, 2014	Secure Transport in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 does not ensure that a DTLS message is accepted only for a DTLS connection, which allows remote attackers to obtain potentially sensitive information from uninitialized process memory by providing a DTLS message within a TLS connection.
CVE-2014-1317	—	0.00	Jul 1, 2014	iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file.
CVE-2014-4669	—	0.00	Jun 28, 2014	HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.
CVE-2014-0891	—	0.00	Jun 28, 2014	IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information by leveraging incorrect request handling by the (1) Proxy or (2) ODR server.
CVE-2014-4027	—	0.00	Jun 23, 2014	The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.
CVE-2014-3296	—	0.00	Jun 21, 2014	The XML programmatic interface (XML PI) in Cisco WebEx Meeting Server 1.5(.1.131) and earlier allows remote authenticated users to obtain sensitive meeting information via a crafted URL, aka Bug ID CSCum03527.
CVE-2014-2000	—	0.00	Jun 18, 2014	The NTT 050 plus application before 4.2.1 for Android allows attackers to obtain sensitive information by leveraging the ability to read system log files.
CVE-2014-3249	—	0.00	Jun 17, 2014	Puppet Enterprise 2.8.x before 2.8.7 allows remote attackers to obtain sensitive information via vectors involving hiding and unhiding nodes.
CVE-2014-0220	—	0.00	Jun 10, 2014	Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote authenticated users to obtain sensitive configuration information via the API.
CVE-2013-5760	—	0.00	Jun 9, 2014	QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to photo/p/api/list.php.
CVE-2013-4728	—	0.00	Jun 6, 2014	DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a .. (dot dot) in the "l" parameter, which reveals the installation path in an error message.
CVE-2013-4725	—	0.00	Jun 6, 2014	DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

CVE-2014-0174Jul 11, 2014
risk 0.00cvss —epss 0.00
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
CVE-2014-4022Jul 9, 2014
risk 0.00cvss —epss 0.00
The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators to obtain sensitive information via the GNTTABOP_setup_table subhypercall.
CVE-2014-2510Jul 8, 2014
risk 0.00cvss —epss 0.01
The JAXB XML parser in EMC Documentum Foundation Services (DFS) 6.6 before P39, 6.7 SP1 before P28, and 6.7 SP2 before P15, as used in My Documentum for Desktop, My Documentum for Microsoft Outlook, and CenterStage, allows remote authenticated users to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2014-3481Jul 7, 2014
risk 0.00cvss —epss 0.01
org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue.
CVE-2013-5423Jul 7, 2014
risk 0.00cvss —epss 0.00
IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows remote attackers to enumerate user accounts via unspecified vectors.
CVE-2014-4692Jul 2, 2014
risk 0.00cvss —epss 0.00
pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
CVE-2014-3066Jul 2, 2014
risk 0.00cvss —epss 0.01
IBM Tivoli Endpoint Manager 9.1 before 9.1.1088.0 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2014-3494Jul 1, 2014
risk 0.00cvss —epss 0.00
kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate.
CVE-2014-1361Jul 1, 2014
risk 0.00cvss —epss 0.01
Secure Transport in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 does not ensure that a DTLS message is accepted only for a DTLS connection, which allows remote attackers to obtain potentially sensitive information from uninitialized process memory by providing a DTLS message within a TLS connection.
CVE-2014-1317Jul 1, 2014
risk 0.00cvss —epss 0.00
iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file.
CVE-2014-4669Jun 28, 2014
risk 0.00cvss —epss 0.00
HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.
CVE-2014-0891Jun 28, 2014
risk 0.00cvss —epss 0.00
IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information by leveraging incorrect request handling by the (1) Proxy or (2) ODR server.
CVE-2014-4027Jun 23, 2014
risk 0.00cvss —epss 0.00
The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.
CVE-2014-3296Jun 21, 2014
risk 0.00cvss —epss 0.00
The XML programmatic interface (XML PI) in Cisco WebEx Meeting Server 1.5(.1.131) and earlier allows remote authenticated users to obtain sensitive meeting information via a crafted URL, aka Bug ID CSCum03527.
CVE-2014-2000Jun 18, 2014
risk 0.00cvss —epss 0.00
The NTT 050 plus application before 4.2.1 for Android allows attackers to obtain sensitive information by leveraging the ability to read system log files.
CVE-2014-3249Jun 17, 2014
risk 0.00cvss —epss 0.00
Puppet Enterprise 2.8.x before 2.8.7 allows remote attackers to obtain sensitive information via vectors involving hiding and unhiding nodes.
CVE-2014-0220Jun 10, 2014
risk 0.00cvss —epss 0.00
Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote authenticated users to obtain sensitive configuration information via the API.
CVE-2013-5760Jun 9, 2014
risk 0.00cvss —epss 0.00
QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to photo/p/api/list.php.
CVE-2013-4728Jun 6, 2014
risk 0.00cvss —epss 0.00
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a .. (dot dot) in the "l" parameter, which reveals the installation path in an error message.
CVE-2013-4725Jun 6, 2014
risk 0.00cvss —epss 0.00
DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.