VYPR

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Class · Draft · Likelihood: High

Description

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79

CVEs mapped to this weakness (7,319)

page 29 of 366
  • CVE-2023-48796 · High · Nov 24, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache DolphinScheduler. The information exposed to unauthorized actors may include sensitive data such as database credentials. Users who can't upgrade to the fixed version can also set environment…

  • CVE-2023-34235 · High · Jul 25, 2023
    risk 0.49 · cvss 8.6 · epss 0.01

    Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the `t(number)` prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as…

  • CVE-2023-29517 · High · Apr 19, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The office document viewer macro was allowing anyone to see any file content from the hosting server, provided that the office server was connected and depending on the…

  • CVE-2023-25164 · High · Feb 8, 2023
    risk 0.49 · cvss 8.6 · epss 0.01

    Tinacms is a Git-backed headless content management system with support for visual editing. Sites being built with @tinacms/cli >= 1.0.0 && < 1.0.9 which store sensitive values in the process.env variable are impacted. These values will be added in plaintext to the index.js…

  • CVE-2023-0557 · High · Jan 27, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for the creation of posts.

  • CVE-2022-46363 · High · Dec 13, 2022
    risk 0.49 · cvss 7.5 · epss 0.01

    A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check…

  • CVE-2022-37783 · High · Dec 5, 2022
    risk 0.49 · cvss 7.5 · epss 0.01

    All Craft CMS versions between 3.0.0 and 3.7.32 disclose password hashes of users who authenticate using their E-Mail address or username in Anti-CSRF-Tokens. Craft CMS uses a cookie called CRAFT_CSRF_TOKEN and an HTML hidden field called CRAFT_CSRF_TOKEN to avoid Cross Site…

  • CVE-2022-41876 · High · Nov 10, 2022
    risk 0.49 · cvss 7.5 · epss 0.01

    ezplatform-graphql is a GraphQL server implementation for Ibexa DXP and Ibexa Open Source. Versions prior to 2.3.12 and 1.0.13 are subject to Insecure Storage of Sensitive Information. Unauthenticated GraphQL queries for user accounts can expose password hashes of users that…

  • CVE-2022-36079 · High · Sep 7, 2022
    risk 0.49 · cvss 8.6 · epss 0.01

    Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Internal fields (keys used internally by Parse Server, prefixed by `_`) and protected fields (user defined) can be used as query constraints. Internal and protected fields are…

  • CVE-2022-27775 · High · Jun 2, 2022
    risk 0.49 · cvss 7.5 · epss 0.03

    An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0: by using an IPv6 address that was in the connection pool but with a different zone id, it could reuse a connection instead.

  • CVE-2022-25512 · High · Mar 11, 2022
    risk 0.49 · cvss 7.5 · epss 0.01

    FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys.

  • CVE-2021-22785 · High · Feb 11, 2022
    risk 0.49 · cvss 7.5 · epss 0.01

    A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends an HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to…

  • CVE-2021-22967 · High · Nov 19, 2021
    risk 0.49 · cvss 7.5 · epss 0.01

    In Concrete CMS (formerly concrete 5) below 8.5.7, IDOR Allows Unauthenticated User to Access Restricted Files If Allowed to Add Message to a Conversation. To remediate this, a check was added to verify a user has permissions to view files before attaching the files to a message…

  • CVE-2021-22951 · High · Nov 19, 2021
    risk 0.49 · cvss 7.5 · epss 0.01

    Unauthorized individuals could view password protected files using view_inline in Concrete CMS (previously concrete 5) prior to version 8.5.7. Concrete CMS now checks to see if a file has a password in view_inline and, if it does, the file is not rendered. For version 8.5.6, the…

  • CVE-2021-43564 · High · Nov 10, 2021
    risk 0.49 · cvss 7.5 · epss 0.01

    An issue was discovered in the jobfair (aka Job Fair) extension before 1.0.13 and 2.x before 2.0.2 for TYPO3. The extension fails to protect or obfuscate filenames of uploaded files. This allows unauthenticated users to download files with sensitive data by simply guessing the…

  • CVE-2021-32770 · High · Jul 15, 2021
    risk 0.49 · cvss 7.5 · epss 0.01

    Gatsby is a framework for building websites. The gatsby-source-wordpress plugin prior to versions 4.0.8 and 5.9.2 leaks .htaccess HTTP Basic Authentication variables into the app.js bundle during build-time. Users who are not initializing basic authentication credentials in the…

  • CVE-2021-22885 · High · May 27, 2021
    risk 0.49 · cvss 7.5 · epss 0.04

    A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the `redirect_to` or `polymorphic_url` helper with untrusted user input.

  • CVE-2021-32624 · High · May 24, 2021
    risk 0.49 · cvss 7.5 · epss 0.01

    Keystone 5 is an open source CMS platform to build Node.js applications. This security advisory relates to a newly discovered capability in our query infrastructure to directly or indirectly expose the values of private fields, bypassing the configured access control. This is an…

  • CVE-2021-30638 · High · Apr 27, 2021
    risk 0.49 · cvss 7.5 · epss 0.07

    Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry…

  • CVE-2020-23811 · High · Sep 3, 2020
    risk 0.49 · cvss 7.5 · epss 0.01

    xxl-job 2.2.0 allows Information Disclosure of username, model, and password via job/admin/controller/UserController.java.