CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Description
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79
CVEs mapped to this weakness (7,319)
page 47 of 366| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-9970 | Hig | 0.49 | 7.5 | 0.02 | May 21, 2017 | jasypt before 1.9.2 allows a timing attack against the password hash comparison. | ||
| CVE-2017-6621 | Hig | 0.49 | 7.5 | 0.06 | May 18, 2017 | A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to insufficient… | ||
| CVE-2017-6651 | Hig | 0.49 | 7.5 | 0.02 | May 16, 2017 | A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to gain information that could allow them to access scheduled customer meetings. The vulnerability is due to an incomplete configuration of the robots.txt file on customer-hosted WebEx… | ||
| CVE-2016-8741 | Hig | 0.49 | 7.5 | 0.06 | May 15, 2017 | The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in… | ||
| CVE-2017-7486 | Hig | 0.49 | 7.5 | 0.06 | May 12, 2017 | PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. | ||
| CVE-2017-7484 | Hig | 0.49 | 7.5 | 0.03 | May 12, 2017 | It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information.… | ||
| CVE-2017-5892 | Hig | 0.49 | 7.5 | 0.01 | May 10, 2017 | ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map. | ||
| CVE-2017-3067 | Hig | 0.49 | 7.5 | 0.05 | May 9, 2017 | Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms. | ||
| CVE-2017-7415 | Hig | 0.49 | 7.5 | 0.04 | Apr 27, 2017 | Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource. | ||
| CVE-2017-2334 | Hig | 0.49 | 7.5 | 0.01 | Apr 24, 2017 | An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials from encrypted paths which are… | ||
| CVE-2016-1556 | Hig | 0.49 | 7.5 | 0.03 | Apr 21, 2017 | Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0; and WND930 before 2.0.11 allows remote attackers to read the wireless WPS PIN or passphrase by visiting unauthenticated webpages. | ||
| CVE-2016-6335 | Hig | 0.49 | 7.5 | 0.02 | Apr 20, 2017 | MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 does not generate head items in the context of a given title, which allows remote attackers to obtain sensitive information via a parse action to api.php. | ||
| CVE-2016-6332 | Hig | 0.49 | 7.5 | 0.02 | Apr 20, 2017 | MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1, when $wgBlockDisablesLogin is true, might allow remote attackers to obtain sensitive information by leveraging failure to terminate sessions when a user account is blocked. | ||
| CVE-2016-5409 | Hig | 0.49 | 7.5 | 0.01 | Apr 20, 2017 | Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies. | ||
| CVE-2017-7978 | Hig | 0.49 | 7.5 | 0.01 | Apr 19, 2017 | Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. | ||
| CVE-2016-8727 | Hig | 0.49 | 7.5 | 0.01 | Apr 13, 2017 | An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. | ||
| CVE-2015-7824 | Hig | 0.49 | 7.5 | 0.02 | Apr 10, 2017 | botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites. | ||
| CVE-2015-8378 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2017 | In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile. | ||
| CVE-2016-5076 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2017 | CloudView NMS before 2.10a allows remote attackers to obtain sensitive information via a direct request for admin/auto.def. | ||
| CVE-2016-5051 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2017 | OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application. |
- risk 0.49cvss 7.5epss 0.02
jasypt before 1.9.2 allows a timing attack against the password hash comparison.
- risk 0.49cvss 7.5epss 0.06
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to insufficient…
- risk 0.49cvss 7.5epss 0.02
A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to gain information that could allow them to access scheduled customer meetings. The vulnerability is due to an incomplete configuration of the robots.txt file on customer-hosted WebEx…
- risk 0.49cvss 7.5epss 0.06
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in…
- risk 0.49cvss 7.5epss 0.06
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
- risk 0.49cvss 7.5epss 0.03
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information.…
- risk 0.49cvss 7.5epss 0.01
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.
- risk 0.49cvss 7.5epss 0.05
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.
- risk 0.49cvss 7.5epss 0.04
Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource.
- risk 0.49cvss 7.5epss 0.01
An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials from encrypted paths which are…
- risk 0.49cvss 7.5epss 0.03
Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0; and WND930 before 2.0.11 allows remote attackers to read the wireless WPS PIN or passphrase by visiting unauthenticated webpages.
- risk 0.49cvss 7.5epss 0.02
MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 does not generate head items in the context of a given title, which allows remote attackers to obtain sensitive information via a parse action to api.php.
- risk 0.49cvss 7.5epss 0.02
MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1, when $wgBlockDisablesLogin is true, might allow remote attackers to obtain sensitive information by leveraging failure to terminate sessions when a user account is blocked.
- risk 0.49cvss 7.5epss 0.01
Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.
- risk 0.49cvss 7.5epss 0.01
Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290.
- risk 0.49cvss 7.5epss 0.01
An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker.
- risk 0.49cvss 7.5epss 0.02
botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites.
- risk 0.49cvss 7.5epss 0.01
In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile.
- risk 0.49cvss 7.5epss 0.01
CloudView NMS before 2.10a allows remote attackers to obtain sensitive information via a direct request for admin/auto.def.
- risk 0.49cvss 7.5epss 0.01
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application.