CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
ClassDraftLikelihood: High
Description
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79
CVEs mapped to this weakness (5,447)
page 268 of 273| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2007-5576 | 0.00 | — | 0.01 | Oct 18, 2007 | BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the (1) cnsbind, (2) cnsunbind, or (3) cnsls commands. | ||
| CVE-2007-5550 | 0.00 | — | 0.00 | Oct 18, 2007 | Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||
| CVE-2007-5555 | 0.00 | — | 0.00 | Oct 18, 2007 | Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||
| CVE-2007-5554 | 0.00 | — | 0.00 | Oct 18, 2007 | Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle reference number 7892711. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||
| CVE-2007-5549 | 0.00 | — | 0.00 | Oct 18, 2007 | Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||
| CVE-2007-5473 | 0.00 | — | 0.00 | Oct 18, 2007 | StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing (1) space or (2) dot, which is not properly handled by XSP. | ||
| CVE-2007-5470 | 0.00 | — | 0.01 | Oct 16, 2007 | Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file. | ||
| CVE-2007-5195 | 0.00 | — | 0.01 | Oct 14, 2007 | Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5196. | ||
| CVE-2007-5196 | 0.00 | — | 0.01 | Oct 14, 2007 | Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwise-client package in SUSE Linux Enterprise Desktop 10 allows remote attackers to obtain credentials via a man-in-the-middle attack, a different vulnerability than CVE-2007-5195. | ||
| CVE-2007-5444 | 0.00 | — | 0.00 | Oct 14, 2007 | CMS Made Simple 1.1.3.1 allows remote attackers to obtain the full path via a direct request for unspecified files. | ||
| CVE-2007-5439 | 0.00 | — | 0.01 | Oct 13, 2007 | CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors. | ||
| CVE-2007-5431 | 0.00 | — | 0.00 | Oct 12, 2007 | include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code. | ||
| CVE-2007-5432 | 0.00 | — | 0.01 | Oct 12, 2007 | Stride 1.0 has a default administrator username of "scott" with the password "running", which allows remote attackers to obtain administrative access through login.php. | ||
| CVE-2007-5420 | 0.00 | — | 0.01 | Oct 12, 2007 | The 3Com 3CRWER100-75 router with 1.2.10ww software, when remote management is disabled but a web server has been configured, serves a web page to external clients, which might allow remote attackers to obtain information about the router's existence and product details. | ||
| CVE-2007-5201 | 0.00 | — | 0.00 | Oct 4, 2007 | The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments. | ||
| CVE-2007-5172 | 0.00 | — | 0.00 | Oct 1, 2007 | Quicksilver Forums before 1.4.1 allows remote attackers to obtain sensitive information by causing unspecified connection errors, which reveals the database password in the resulting error message. | ||
| CVE-2007-3756 | 0.00 | — | 0.01 | Sep 27, 2007 | Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to obtain sensitive information via a crafted web page that identifies the URL of the parent window, even when the parent window is in a different domain. | ||
| CVE-2007-5129 | 0.00 | — | 0.01 | Sep 27, 2007 | SimpGB 1.46.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain sensitive configuration information via a direct request for admin/cfginfo.php; and (2) download arbitrary .inc files via a direct request, as demonstrated by admin/includes/dbtables.inc. | ||
| CVE-2007-5034 | 0.00 | — | 0.03 | Sep 21, 2007 | ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy is defined for https. | ||
| CVE-2007-5028 | 0.00 | — | 0.00 | Sep 21, 2007 | Dibbler 0.6.0 on Linux uses weak world-writable permissions for unspecified files in /var/lib/dibbler, which has unknown impact and local attack vectors. |