CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Description
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79
CVEs mapped to this weakness (7,319)
page 33 of 366| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-5115 | Hig | 0.49 | 7.5 | 0.03 | Jun 11, 2018 | If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the real domain making the request, this can result in user confusion about the… | ||
| CVE-2017-7843 | Hig | 0.49 | 7.5 | 0.03 | Jun 11, 2018 | When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions… | ||
| CVE-2017-7787 | Hig | 0.49 | 7.5 | 0.02 | Jun 11, 2018 | Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | ||
| CVE-2017-7759 | Hig | 0.49 | 7.5 | 0.01 | Jun 11, 2018 | Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local "file:" URLs, allowing for the reading of local data through a violation of same-origin policy. Note: This attack only affects Firefox for Android. Other operating systems… | ||
| CVE-2017-5454 | Hig | 0.49 | 7.5 | 0.03 | Jun 11, 2018 | A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects… | ||
| CVE-2017-5425 | Hig | 0.49 | 7.5 | 0.02 | Jun 11, 2018 | The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of "/private/var" that could expose personal or temporary data. This has been updated to not allow access to… | ||
| CVE-2017-5385 | Hig | 0.49 | 7.5 | 0.02 | Jun 11, 2018 | Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox < 51. | ||
| CVE-2017-5382 | Hig | 0.49 | 7.5 | 0.02 | Jun 11, 2018 | Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox < 51. | ||
| CVE-2017-5378 | Hig | 0.49 | 7.5 | 0.03 | Jun 11, 2018 | Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird <… | ||
| CVE-2016-9904 | Hig | 0.49 | 7.5 | 0.03 | Jun 11, 2018 | An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects… | ||
| CVE-2018-12089 | Hig | 0.49 | 7.5 | 0.01 | Jun 11, 2018 | In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View is able to view a password for a Service Fabric Cluster, when the Service Fabric Cluster target is configured in Azure Active Directory security mode and a deployment is executed with OctopusPrintVariables set… | ||
| CVE-2018-4221 | Hig | 0.49 | 7.5 | 0.01 | Jun 8, 2018 | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates. | ||
| CVE-2017-16225 | — | Hig | 0.49 | 7.5 | 0.01 | Jun 7, 2018 | aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token. | |
| CVE-2017-16206 | — | Hig | 0.49 | 7.5 | 0.01 | Jun 7, 2018 | The cofee-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | |
| CVE-2017-16205 | — | Hig | 0.49 | 7.5 | 0.01 | Jun 7, 2018 | The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | |
| CVE-2017-16204 | — | Hig | 0.49 | 7.5 | 0.01 | Jun 7, 2018 | The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | |
| CVE-2017-16203 | — | Hig | 0.49 | 7.5 | 0.01 | Jun 7, 2018 | The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | |
| CVE-2017-16202 | — | Hig | 0.49 | 7.5 | 0.01 | Jun 7, 2018 | The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | |
| CVE-2017-16081 | Hig | 0.49 | 7.5 | 0.01 | Jun 7, 2018 | cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||
| CVE-2017-16080 | — | Hig | 0.49 | 7.5 | 0.01 | Jun 7, 2018 | nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
- risk 0.49cvss 7.5epss 0.03
If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the real domain making the request, this can result in user confusion about the…
- risk 0.49cvss 7.5epss 0.03
When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions…
- risk 0.49cvss 7.5epss 0.02
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
- risk 0.49cvss 7.5epss 0.01
Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local "file:" URLs, allowing for the reading of local data through a violation of same-origin policy. Note: This attack only affects Firefox for Android. Other operating systems…
- risk 0.49cvss 7.5epss 0.03
A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects…
- risk 0.49cvss 7.5epss 0.02
The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of "/private/var" that could expose personal or temporary data. This has been updated to not allow access to…
- risk 0.49cvss 7.5epss 0.02
Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox < 51.
- risk 0.49cvss 7.5epss 0.02
Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox < 51.
- risk 0.49cvss 7.5epss 0.03
Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird <…
- risk 0.49cvss 7.5epss 0.03
An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects…
- risk 0.49cvss 7.5epss 0.01
In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View is able to view a password for a Service Fabric Cluster, when the Service Fabric Cluster target is configured in Azure Active Directory security mode and a deployment is executed with OctopusPrintVariables set…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates.
- risk 0.49cvss 7.5epss 0.01
aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token.
- risk 0.49cvss 7.5epss 0.01
The cofee-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- risk 0.49cvss 7.5epss 0.01
The coffescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- risk 0.49cvss 7.5epss 0.01
The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- risk 0.49cvss 7.5epss 0.01
The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- risk 0.49cvss 7.5epss 0.01
The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation.
- risk 0.49cvss 7.5epss 0.01
cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
- risk 0.49cvss 7.5epss 0.01
nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.