CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Description
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79
CVEs mapped to this weakness (7,319)
page 49 of 366| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5926 | Hig | 0.49 | 7.5 | 0.02 | Feb 27, 2017 | Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking… | ||
| CVE-2017-5925 | Hig | 0.49 | 7.5 | 0.02 | Feb 27, 2017 | Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript,… | ||
| CVE-2017-3841 | Hig | 0.49 | 7.5 | 0.02 | Feb 22, 2017 | A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information. More Information: CSCvc04854. Known Affected Releases: 5.8(2.5). | ||
| CVE-2015-4057 | Hig | 0.49 | 7.5 | 0.01 | Feb 21, 2017 | The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations before 2.6.5 sends a cleartext HTTP response upon a request for the Settings screen, which allows remote attackers to discover the admin user password by sniffing the network. | ||
| CVE-2016-5786 | Hig | 0.49 | 7.5 | 0.02 | Feb 13, 2017 | An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the compromise of account credentials. | ||
| CVE-2016-3995 | Hig | 0.49 | 7.5 | 0.02 | Feb 13, 2017 | The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ (aka cryptopp) before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks. | ||
| CVE-2016-4341 | Hig | 0.49 | 7.5 | 0.02 | Feb 7, 2017 | NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors. | ||
| CVE-2015-8544 | Hig | 0.49 | 7.5 | 0.02 | Feb 7, 2017 | NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors. | ||
| CVE-2016-6068 | Hig | 0.49 | 7.5 | 0.01 | Feb 1, 2017 | IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties. | ||
| CVE-2016-5958 | Hig | 0.49 | 7.5 | 0.02 | Feb 1, 2017 | IBM Security Privileged Identity Manager could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this… | ||
| CVE-2016-9418 | Hig | 0.49 | 7.5 | 0.02 | Jan 31, 2017 | MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name. | ||
| CVE-2016-9414 | Hig | 0.49 | 7.5 | 0.02 | Jan 31, 2017 | MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories. | ||
| CVE-2016-9410 | Hig | 0.49 | 7.5 | 0.02 | Jan 31, 2017 | MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to obtain sensitive database information via vectors involving templates. | ||
| CVE-2016-10181 | Hig | 0.49 | 7.5 | 0.04 | Jan 30, 2017 | An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=get_homeCfg requests. | ||
| CVE-2016-10002 | Hig | 0.49 | 7.5 | 0.07 | Jan 27, 2017 | Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted… | ||
| CVE-2017-5372 | Hig | 0.49 | 7.5 | 0.03 | Jan 23, 2017 | The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4)… | ||
| CVE-2016-6668 | Hig | 0.49 | 7.5 | 0.04 | Jan 23, 2017 | The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA plugin 6.26.0 before 7.8.17 allows remote attackers to obtain the secret key for… | ||
| CVE-2017-5182 | Hig | 0.49 | 7.5 | 0.03 | Jan 23, 2017 | Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for… | ||
| CVE-2016-10143 | Hig | 0.49 | 7.5 | 0.02 | Jan 20, 2017 | A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field. | ||
| CVE-2016-9680 | Hig | 0.49 | 7.5 | 0.02 | Jan 18, 2017 | Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors. |
- risk 0.49cvss 7.5epss 0.02
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking…
- risk 0.49cvss 7.5epss 0.02
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript,…
- risk 0.49cvss 7.5epss 0.02
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information. More Information: CSCvc04854. Known Affected Releases: 5.8(2.5).
- risk 0.49cvss 7.5epss 0.01
The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations before 2.6.5 sends a cleartext HTTP response upon a request for the Settings screen, which allows remote attackers to discover the admin user password by sniffing the network.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the compromise of account credentials.
- risk 0.49cvss 7.5epss 0.02
The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ (aka cryptopp) before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks.
- risk 0.49cvss 7.5epss 0.02
NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors.
- risk 0.49cvss 7.5epss 0.02
NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors.
- risk 0.49cvss 7.5epss 0.01
IBM UrbanCode Deploy could allow an authenticated user with access to the REST endpoints to access API and CLI getResource secured role properties.
- risk 0.49cvss 7.5epss 0.02
IBM Security Privileged Identity Manager could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this…
- risk 0.49cvss 7.5epss 0.02
MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name.
- risk 0.49cvss 7.5epss 0.02
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories.
- risk 0.49cvss 7.5epss 0.02
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to obtain sensitive database information via vectors involving templates.
- risk 0.49cvss 7.5epss 0.04
An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=get_homeCfg requests.
- risk 0.49cvss 7.5epss 0.07
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted…
- risk 0.49cvss 7.5epss 0.03
The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4)…
- risk 0.49cvss 7.5epss 0.04
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before 7.3.7, and 7.4.0 before 7.8.17; Confluence HipChat plugin 6.26.0 before 7.8.17; and HipChat for JIRA plugin 6.26.0 before 7.8.17 allows remote attackers to obtain the secret key for…
- risk 0.49cvss 7.5epss 0.03
Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for…
- risk 0.49cvss 7.5epss 0.02
A vulnerability in Tiki Wiki CMS 15.2 could allow a remote attacker to read arbitrary files on a targeted system via a crafted pathname in a banner URL field.
- risk 0.49cvss 7.5epss 0.02
Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors.