CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Description
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79
CVEs mapped to this weakness (7,319)
page 342 of 366| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-3280 | 0.00 | — | 0.01 | Sep 23, 2010 | The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an… | |||
| CVE-2010-3417 | 0.00 | — | 0.01 | Sep 16, 2010 | Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors. | |||
| CVE-2010-3018 | 0.00 | — | 0.01 | Sep 9, 2010 | RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||
| CVE-2010-2803 | 0.00 | — | 0.00 | Sep 8, 2010 | The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive… | |||
| CVE-2010-3259 | 0.00 | — | 0.02 | Sep 7, 2010 | WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and… | |||
| CVE-2010-3245 | 0.00 | — | 0.01 | Sep 7, 2010 | The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database username and (2) database password in cleartext in (a) script and (b) batch (.bat) files, which allows local users to obtain sensitive information by… | |||
| CVE-2010-3244 | 0.00 | — | 0.00 | Sep 7, 2010 | BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a… | |||
| CVE-2010-2226 | 0.00 | — | 0.00 | Sep 3, 2010 | The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. | |||
| CVE-2010-1800 | 0.00 | — | 0.01 | Aug 25, 2010 | CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses. | |||
| CVE-2010-3118 | 0.00 | — | 0.01 | Aug 24, 2010 | The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature. | |||
| CVE-2010-2531 | 0.00 | — | 0.05 | Aug 20, 2010 | The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits… | |||
| CVE-2010-2484 | 0.00 | — | 0.02 | Aug 20, 2010 | The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. | |||
| CVE-2010-3062 | 0.00 | — | 0.03 | Aug 20, 2010 | mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a heap-based buffer overflow via a… | |||
| CVE-2010-3014 | 0.00 | — | 0.00 | Aug 20, 2010 | The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read. | |||
| CVE-2010-2758 | 0.00 | — | 0.01 | Aug 16, 2010 | Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 generates different error messages depending on whether a product exists, which makes it easier for remote attackers to guess product names via unspecified use of the (1) Reports or… | |||
| CVE-2010-2989 | 0.00 | — | 0.01 | Aug 10, 2010 | nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote attackers to obtain sensitive information via a request to the /feed method, which reveals the version in a response. | |||
| CVE-2010-2982 | 0.00 | — | 0.01 | Aug 10, 2010 | Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. | |||
| CVE-2010-2975 | 0.00 | — | 0.00 | Aug 10, 2010 | Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544. | |||
| CVE-2010-1796 | 0.00 | — | 0.02 | Jul 30, 2010 | The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields. | |||
| CVE-2010-2913 | 0.00 | — | 0.00 | Jul 30, 2010 | The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local users to obtain sensitive information via vectors involving (1) the mobile device or (2) a synchronized computer. |
- CVE-2010-3280Sep 23, 2010risk 0.00cvss —epss 0.01
The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an…
- CVE-2010-3417Sep 16, 2010risk 0.00cvss —epss 0.01
Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors.
- CVE-2010-3018Sep 9, 2010risk 0.00cvss —epss 0.01
RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors.
- CVE-2010-2803Sep 8, 2010risk 0.00cvss —epss 0.00
The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive…
- CVE-2010-3259Sep 7, 2010risk 0.00cvss —epss 0.02
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and…
- CVE-2010-3245Sep 7, 2010risk 0.00cvss —epss 0.01
The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database username and (2) database password in cleartext in (a) script and (b) batch (.bat) files, which allows local users to obtain sensitive information by…
- CVE-2010-3244Sep 7, 2010risk 0.00cvss —epss 0.00
BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a…
- CVE-2010-2226Sep 3, 2010risk 0.00cvss —epss 0.00
The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file.
- CVE-2010-1800Aug 25, 2010risk 0.00cvss —epss 0.01
CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses.
- CVE-2010-3118Aug 24, 2010risk 0.00cvss —epss 0.01
The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature.
- CVE-2010-2531Aug 20, 2010risk 0.00cvss —epss 0.05
The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits…
- CVE-2010-2484Aug 20, 2010risk 0.00cvss —epss 0.02
The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.
- CVE-2010-3062Aug 20, 2010risk 0.00cvss —epss 0.03
mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a heap-based buffer overflow via a…
- CVE-2010-3014Aug 20, 2010risk 0.00cvss —epss 0.00
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.
- CVE-2010-2758Aug 16, 2010risk 0.00cvss —epss 0.01
Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 generates different error messages depending on whether a product exists, which makes it easier for remote attackers to guess product names via unspecified use of the (1) Reports or…
- CVE-2010-2989Aug 10, 2010risk 0.00cvss —epss 0.01
nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote attackers to obtain sensitive information via a request to the /feed method, which reveals the version in a response.
- CVE-2010-2982Aug 10, 2010risk 0.00cvss —epss 0.01
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037.
- CVE-2010-2975Aug 10, 2010risk 0.00cvss —epss 0.00
Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544.
- CVE-2010-1796Jul 30, 2010risk 0.00cvss —epss 0.02
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields.
- CVE-2010-2913Jul 30, 2010risk 0.00cvss —epss 0.00
The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local users to obtain sensitive information via vectors involving (1) the mobile device or (2) a synchronized computer.