CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2022-22216 MEDIUM
Juniper Networks Junos OS - Info Disclosure
CVSS 4.3
CVE-2022-2394 MEDIUM
Puppet Bolt <3.24.0 - Info Disclosure
CVSS 4.1
CVE-2022-2117 MEDIUM
GiveWP < 2.20.2 - Unauthenticated Sensitive Information Disclosure via Donor Wall REST-API Endpoint
CVSS 5.3
CVE-2022-30625 MEDIUM
CHCNAV P5E GNSS Firmware - Exposure of Information Through Directory Listing
CVSS 5.7
CVE-2022-2408 MEDIUM
Mattermost <= 6.7.0 - Unauthorized Public Channel List Exposure via Guest Account
CVSS 4.3
CVE-2022-2401 MEDIUM
Mattermost < 6.3.9 - Unauthenticated Exposure of Sensitive User Information via API
CVSS 6.5
CVE-2022-1662 MEDIUM
convert2rhel - Unauthorized Password Exposure via CLI Argument
CVSS 5.5
CVE-2022-35169 MEDIUM
SAP BusinessObjects BI Platform 420, 430 - Sensitive Info Exposure via LCMBIAR Password Decryption
CVSS 6.0
CVE-2022-31134 MEDIUM
Zulip Server >2.1.0 - Info Disclosure
CVSS 4.9
CVE-2022-29901 MEDIUM
Intel Core i7 Firmware - Spectre Retpoline Bypass Exposes Sensitive Information
CVSS 5.6
CVE-2022-33700 LOW
TelephonyUI <SMR Jul-2022 Release 1 - Info Disclosure
CVSS 2.0
CVE-2022-33699 LOW
TelephonyUI <SMR Jul-2022 Release 1 - Info Disclosure
CVSS 2.0
CVE-2022-33698 LOW
Telecom <SMR Jul-2022 Release 1 - Info Disclosure
CVSS 3.3
CVE-2022-33693 LOW
CID Manager <SMR Jul-2022 Release 1 - Info Disclosure
CVSS 2.0
CVE-2022-33687 LOW
telephony-common.jar <SMR Jul-2022 Release 1 - Info Disclosure
CVSS 3.3
CVE-2022-33686 LOW
GsmAlarmManager <SMR Jul-2022 Release 1 - Info Disclosure
CVSS 2.3
CVE-2022-30753 LOW
SecSoterService <SMR Jul-2022 Release 1 - Info Disclosure
CVSS 3.3
CVE-2022-31139 MEDIUM
UnsafeAccessor <1.7.0 - Privilege Escalation
CVSS 5.9
CVE-2022-29512 MEDIUM
Cybozu Garoon 4.0.0-5.9.1 - Authenticated Exposure of Sensitive Information
CVSS 6.5
CVE-2022-33742 HIGH
Linux - Info Disclosure
CVSS 7.1
CVE-2022-33741 HIGH
Linux - Info Disclosure
CVSS 7.1
CVE-2022-29467 MEDIUM
Cybozu Garoon 4.2.0-5.5.1 - Authenticated Exposure of Sensitive Address Information
CVSS 4.3
CVE-2022-31112 HIGH
parse-server < 4.10.13 - Information Exposure via LiveQuery Protected Fields
CVSS 8.2
CVE-2022-31032 MEDIUM
Tuleap <13.9.99.58 - Info Disclosure
CVSS 4.3
CVE-2022-31068 MEDIUM
GLPI 10.0.0-10.0.1 - Unauthenticated Exposure of Sensitive Information via Native Inventory
CVSS 5.3
Details
Vulnerabilities 10,151
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits