CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2023-23613 MEDIUM
OpenSearch 1.0.0-1.3.7 and 2.0.0-2.4.1 - Authenticated Exposure of Sensitive Information via Field-Level Security Bypass
CVSS 5.7
CVE-2023-0321 CRITICAL
Campbell Scientific dataloggers - Info Disclosure
CVSS 9.1
CVE-2023-24069 LOW
Signal Desktop <6.2.0 - Info Disclosure
CVSS 3.3
CVE-2023-22875 HIGH
IBM QRadar SIEM 7.4 and 7.5 - Unauthorized Exposure of Certificate Key Files
CVSS 8.4
CVE-2023-0023 MEDIUM
SAP Bank Account Management - Exposure of Sensitive Information via Smart Link URL
CVSS 4.5
CVE-2023-0113 MEDIUM
Netis Netcore Router <2.2.6 - Info Disclosure
CVSS 5.3
CVE-2023-22453 MEDIUM
Discourse <2.8.14, <3.0.0.beta16 - Info Disclosure
CVSS 5.3
CVE-2022-48610 MEDIUM
iPadOS < 16.2 - Unauthorized Access to User-Sensitive Data
CVSS 5.5
CVE-2022-20648 MEDIUM
Cisco RCM for Cisco StarOS Software - Info Disclosure
CVSS 5.3
CVE-2022-26327 MEDIUM
OpenText Performance Center <12.63 - Info Disclosure
CVE-2022-45449 MEDIUM
Acronis Cyber Protect 15 < build 30984 - Unauthorized Sensitive Information Exposure via Excessive Agent Privileges
CVSS 6.5
CVE-2022-32933 MEDIUM
macOS < 12.5 - Unauthorized User Browsing History Exposure via Safari Private Browsing Mode
CVSS 5.3
CVE-2022-32751 MEDIUM
IBM Security Verify Directory 10.0.0 - Exposure of Sensitive Server Information
CVSS 5.3
CVE-2022-43890 MEDIUM
IBM Security Verify Privilege On-Premises <11.5 - Info Disclosure
CVSS 5.3
CVE-2022-22506 MEDIUM
IBM Robotic Process Automation <21.0.2 - Info Disclosure
CVSS 4.6
CVE-2022-47160 MEDIUM
Wpmet Wp Social Login and Register Social Counter <1.9.0 - Info Dis...
CVSS 6.5
CVE-2022-42839 LOW
iPadOS < 16.2 - Unauthorized Sensitive Location Information Exposure
CVSS 3.3
CVE-2022-32931 MEDIUM
macOS < 13.0 - Unauthorized User Data Access by Root App
CVSS 5.5
CVE-2022-40696 LOW
Advanced Custom Fields (ACF) 3.1.1-6.0.2 - Exposure of Sensitive Information
CVSS 3.7
CVE-2022-45354 MEDIUM
WPChill Download Monitor < 4.7.60 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.3
CVE-2022-44589 HIGH
miniOrange Google Authenticator < 5.6.1 - Exposure of Sensitive Information
CVSS 8.1
CVE-2022-36399 MEDIUM
BoxyStudio Booked <2.4.4 - Info Disclosure
CVSS 5.3
CVE-2022-47597 MEDIUM
Popup Maker < 1.17.1 - Unauthenticated Exposure of Sensitive Information via Debug Log
CVSS 5.3
CVE-2022-36777 MEDIUM
IBM Cloud Pak for Security 1.10.0.0-1.10.11.0 & QRadar Suite 1.10.12.0-1.10.16.0 - Sensitive Info Exposure
CVSS 4.3
CVE-2022-46646 LOW
Intel Unison Software < 20.14.5683.0 - Authenticated Information Disclosure via Local Access
CVSS 2.2
Details
Vulnerabilities 10,151
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits