CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Description
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79
CVEs mapped to this weakness (7,319)
Page 74 of 366

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-39192 | | Med | 0.42 | 6.5 | 0.01 | | Sep 3, 2021 | Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege… |
| CVE-2021-32717 | — | Hig | 0.42 | 7.5 | 0.01 | | Jun 24, 2021 | Shopware is an open source eCommerce platform. In versions prior to 6.4.1.1 private files are publicly accessible with Cloud Storage providers when the hashed URL is known. Users are recommended to first change their configuration to set the correct visibility according to the… |
| CVE-2021-20228 | — | Hig | 0.42 | 7.5 | 0.02 | | Apr 29, 2021 | A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is not protected by the no_log feature when using the sub-option feature of the basic.py module. This flaw allows an attacker to obtain sensitive information. The highest threat from… |
| CVE-2020-7763 | — | Hig | 0.42 | 7.5 | 0.02 | | Nov 5, 2020 | This affects the package phantom-html-to-pdf before 0.6.1. |
| CVE-2020-6164 | — | Hig | 0.42 | 7.5 | 0.02 | | Jul 15, 2020 | In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/framework module can be used to disclose the fact that a domain is hosting a Silverstripe application. There is no disclosure of the specific version. The functionality on this URL… |
| CVE-2016-11066 | — | Hig | 0.42 | 7.5 | 0.01 | | Jun 19, 2020 | An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information. |
| CVE-2020-4045 | | Hig | 0.42 | 7.5 | 0.01 | | Jun 11, 2020 | SSB-DB version 20.0.0 has an information disclosure vulnerability. The get() method is supposed to only decrypt messages when you explicitly ask it to, but there is a bug where it's decrypting any message that it can. This means that it is returning the decrypted content of… |
| CVE-2020-13444 | — | Med | 0.42 | 6.5 | 0.02 | | Jun 10, 2020 | Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 5 does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Providers. |
| CVE-2020-13223 | — | Hig | 0.42 | 7.5 | 0.01 | | Jun 10, 2020 | HashiCorp Vault and Vault Enterprise logged proxy environment variables that potentially included sensitive credentials. Fixed in 1.3.6 and 1.4.2. |
| CVE-2020-8151 | — | Hig | 0.42 | 7.5 | 0.02 | | May 12, 2020 | There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information. |
| CVE-2020-11009 | | Med | 0.42 | 6.5 | 0.01 | | Apr 29, 2020 | In Rundeck before version 3.2.6, authenticated users can craft a request that reveals Execution data and logs and Job details that they are not authorized to see. Depending on the configuration and the way that Rundeck is used, this could result in anything between a high… |
| CVE-2020-1942 | — | Hig | 0.42 | 7.5 | 0.03 | | Feb 11, 2020 | In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and… |
| CVE-2020-1932 | | Med | 0.42 | 6.5 | 0.01 | | Jan 28, 2020 | An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. Authenticated Apache Superset users are able to retrieve other users' information, including hashed passwords, by accessing an unused and undocumented API endpoint on Apache Superset. |
| CVE-2019-10195 | — | Med | 0.42 | 6.5 | 0.01 | | Nov 27, 2019 | A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch… |
| CVE-2011-4901 | | Med | 0.42 | 6.5 | 0.01 | | Nov 6, 2019 | TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database. |
| CVE-2011-4900 | | Med | 0.42 | 6.5 | 0.01 | | Nov 6, 2019 | TYPO3 before 4.5.4 allows Information Disclosure in the backend. |
| CVE-2011-4627 | | Med | 0.42 | 6.5 | 0.01 | | Nov 6, 2019 | TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend. |
| CVE-2010-3664 | — | Med | 0.42 | 6.5 | 0.01 | | Nov 4, 2019 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend. |
| CVE-2019-10407 | | Med | 0.42 | 6.5 | 0.01 | | Sep 25, 2019 | Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list of environment variables passed to a build without masking sensitive variables contributed by the Mask Passwords Plugin. |
| CVE-2018-21019 | — | Hig | 0.42 | 7.5 | 0.02 | | Sep 23, 2019 | Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py. |