VYPR

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Class · Draft · Likelihood: High

Description

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79

CVEs mapped to this weakness (7,319)

page 5 of 366
  • CVE-2018-3813 · Critical · Jan 1, 2018
    risk 0.64 · cvss 9.8 · epss 0.01

    getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request.

  • CVE-2017-6094 · Critical · Dec 20, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    CPEs used by subscribers on the access network receive their individual configuration settings from a central GAPS instance. A CPE identifies itself by the MAC address of its WAN interface and a certain "chk" value (48bit) derived from the MAC. The algorithm used to compute the…

  • CVE-2017-17735 · Critical · Dec 18, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies.

  • CVE-2017-17734 · Critical · Dec 18, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions.

  • CVE-2017-3185 · Critical · Dec 16, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through…

  • CVE-2017-13664 · Critical · Dec 1, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to execute arbitrary commands with administrative privileges by retrieving credentials from this file.

  • CVE-2017-13701 · Critical · Nov 23, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in an insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering method.

  • CVE-2016-1265 · Critical · Oct 13, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command…

  • CVE-2015-8707 · Critical · Sep 26, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via a GET request and not canceled after use, which allows remote attackers to obtain user passwords via a crafted external service with access to the referrer field.

  • CVE-2017-9393 · Critical · Sep 22, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search.

  • CVE-2015-5284 · Critical · Sep 21, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.

  • CVE-2014-8174 · Critical · Sep 19, 2017
    risk 0.64 · cvss 9.8 · epss 0.03

    eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files.

  • CVE-2017-14269 · Critical · Sep 11, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content.

  • CVE-2016-3086 · Critical · Sep 5, 2017
    risk 0.64 · cvss 9.8 · epss 0.04

    The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications.

  • CVE-2010-3845 · Critical · Aug 8, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error log.

  • CVE-2017-4923 · Critical · Aug 1, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-based backup feature.

  • CVE-2017-9788 · Critical · Jul 13, 2017
    risk 0.64 · cvss 9.1 · epss 0.57

    In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment…

  • CVE-2016-8964 · Critical · Jul 13, 2017
    risk 0.64 · cvss 9.8 · epss 0.02

    IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853.

  • CVE-2017-6709 · Critical · Jul 6, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller (ESC) and Cisco OpenStack deployments in an affected system. The vulnerability…

  • CVE-2017-6708 · Critical · Jul 6, 2017
    risk 0.64 · cvss 9.8 · epss 0.01

    A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to…