VYPR

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

ClassDraftLikelihood: High

Description

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79

CVEs mapped to this weakness (7,319)

page 76 of 366
  • CVE-2018-15697MedAug 27, 2018
    risk 0.42cvss 6.5epss 0.01

    ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on a share by providing the full path. For example, /home/admin/.ash_history.

  • CVE-2018-1000645MedAug 20, 2018
    risk 0.42cvss 6.5epss 0.01

    LibreHealthIO lh-ehr version <REL-2.0.0 contains an Authenticated Local File Disclosure vulnerability in Importing of templates allows local file disclosure that can result in Disclosure of sensitive files on the server. This attack appear to be exploitable via User controlled…

  • CVE-2018-15357MedAug 17, 2018
    risk 0.42cvss 6.5epss 0.01

    An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0.

  • CVE-2017-1286MedAug 13, 2018
    risk 0.42cvss 6.5epss 0.01

    Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. IBM X-Force ID: 125147.

  • CVE-2018-15132HigAug 7, 2018
    risk 0.42cvss 7.5epss 0.05

    An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the…

  • CVE-2018-14941MedAug 5, 2018
    risk 0.42cvss 6.5epss 0.01

    Harmonic NSG 9000 devices allow remote authenticated users to read the webapp.py source code via a direct request for the /webapp.py URI.

  • CVE-2018-1999033MedAug 1, 2018
    risk 0.42cvss 6.5epss 0.01

    An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored…

  • CVE-2018-14316MedJul 31, 2018
    risk 0.42cvss 6.5epss 0.03

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2018-11621MedJul 31, 2018
    risk 0.42cvss 6.5epss 0.03

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2018-11620MedJul 31, 2018
    risk 0.42cvss 6.5epss 0.03

    This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2018-14602HigJul 27, 2018
    risk 0.42cvss 7.5epss 0.02

    An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. Information Disclosure can occur because the Prometheus metrics feature discloses private project pathnames.

  • CVE-2016-6540MedJul 6, 2018
    risk 0.42cvss 6.5epss 0.01

    Unauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sending GPS data for any Trackr device by using the tracker ID number which can be discovered as described in CVE-2016-6539. Updated apps, version 5.1.6 for iOS and 2.2.5 for…

  • CVE-2018-9998MedJul 5, 2018
    risk 0.42cvss 6.5epss 0.02

    Open-Xchange OX App Suite before 7.6.3-rev37, 7.8.x before 7.8.2-rev40, 7.8.3 before 7.8.3-rev48, and 7.8.4 before 7.8.4-rev28 include folder names in API error responses, which allows remote attackers to obtain sensitive information via the folder parameter in an "all" action…

  • CVE-2018-12021MedJul 5, 2018
    risk 0.42cvss 6.5epss 0.02

    Singularity 2.3.0 through 2.5.1 is affected by an incorrect access control on systems supporting overlay file system. When using the overlay option, a malicious user may access sensitive information by exploiting a few specific Singularity features.

  • CVE-2018-5436MedJun 27, 2018
    risk 0.42cvss 6.5epss 0.01

    The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials. Affected…

  • CVE-2018-1000609MedJun 26, 2018
    risk 0.42cvss 6.5epss 0.01

    A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and earlier in ConfigurationAsCode.java that allows attackers with Overall/Read access to obtain the YAML export of the Jenkins configuration.

  • CVE-2018-5133MedJun 11, 2018
    risk 0.42cvss 6.5epss 0.02

    If the "app.support.baseURL" preference is changed by a malicious local program to contain HTML and script content, this content is not sanitized. It will be executed if a user loads "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and executes…

  • CVE-2018-5132MedJun 11, 2018
    risk 0.42cvss 6.5epss 0.01

    The Find API for WebExtensions can search some privileged pages, such as "about:debugging", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protected data if a user has it open. This vulnerability affects Firefox < 59.

  • CVE-2017-7844MedJun 11, 2018
    risk 0.42cvss 6.5epss 0.02

    A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. This can allow a malicious website to query user history. Note: This issue only affects Firefox…

  • CVE-2017-5407MedJun 11, 2018
    risk 0.42cvss 6.5epss 0.03

    Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and…