CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2021-22145 MEDIUM
Elasticsearch 7.10.0-7.13.3 - Memory Disclosure via Malformed Query Error Message
CVSS 6.5
CVE-2021-21817 HIGH
D-LINK DIR-3040 1.13B03 - Exposure of Sensitive Information via Zebra IP Routing Manager
CVSS 7.5
CVE-2021-21816 MEDIUM
D-LINK DIR-3040 1.13B03 - Information Disclosure via Syslog Functionality
CVSS 4.3
CVE-2021-0291 MEDIUM
Juniper Networks Junos OS/Junos OS Evolved - Info Disclosure
CVSS 6.5
CVE-2021-32770 HIGH
Gatsby <4.0.8, <5.9.2 - Info Disclosure
CVSS 7.5
CVE-2021-20498 MEDIUM
IBM Security Verify Access Docker 10.0.0 - Info Disclosure
CVSS 5.3
CVE-2021-34429 MEDIUM
Eclipse Jetty 9.4.37-9.4.42, 10.0.1-10.0.5, 11.0.1-11.0.5 - Directory Traversal & Security Bypass via Encoded URI
CVSS 5.3
CVE-2021-32750 MEDIUM
muwire < 0.8.8 - Unauthenticated IP Address Exposure via HTML Image Tag in Message Subject
CVSS 6.8
CVE-2021-21587 MEDIUM
Dell Wyse Management Suite <= 3.2 - Unauthenticated Full Path Disclosure
CVSS 5.3
CVE-2021-35527 HIGH
Hitachi ABB Power Grids eSOMS <6.3 - Info Disclosure
CVSS 7.5
CVE-2021-0602 HIGH
Android 10-11 - Unauthenticated Wi-Fi Settings Exposure via WifiNetworkDetailsFragment
CVSS 7.8
CVE-2021-33687 MEDIUM
SAP NetWeaver AS JAVA - Info Disclosure
CVSS 4.9
CVE-2021-33709 MEDIUM
Teamcenter Active Workspace <V4.3.9-V5.0.7-V5.1.4 - Info Disclosure
CVSS 4.3
CVE-2021-32747 MEDIUM
Icinga Web 2 <2.8.2 - Info Disclosure
CVSS 5.3
CVE-2021-32707 MEDIUM
Nextcloud Mail <1.9.6-1.10.0 - Info Disclosure
CVSS 4.3
CVE-2021-32689 HIGH
Nextcloud Talk <11.2.2 - Info Disclosure
CVSS 8.1
CVE-2021-21591 MEDIUM
Dell EMC Unity, Unity XT, and UnityVSA < 5.1.0.0.5.394 - Insufficiently Protected Credentials
CVSS 6.4
CVE-2021-21590 MEDIUM
Dell EMC Unity, Unity XT, and UnityVSA < 5.1.0.0.5.394 - Plain-Text Password Storage
CVSS 6.4
CVE-2021-22917 MEDIUM
Brave Browser Desktop <1.17-1.20 - Info Disclosure
CVSS 6.5
CVE-2021-22916 MEDIUM
Brave Desktop <1.17-1.26.60 - Info Disclosure
CVSS 5.9
CVE-2021-1562 MEDIUM
Cisco BroadWorks Application Server 22.0-22.0.2020.08 - Authenticated Information Disclosure via XSI-Actions Interface
CVSS 4.3
CVE-2021-25432 LOW
Samsung Members <2.4.85.11-3.9.10.11 - Info Disclosure
CVSS 3.3
CVE-2021-25426 HIGH
Samsung Message <SMR July-2021 Release 1 - Info Disclosure
CVSS 7.5
CVE-2021-32528 MEDIUM
QSAN Storage Manager < 3.3.1 - Unauthenticated Exposure of Sensitive System Information
CVSS 5.3
CVE-2021-32731 MEDIUM
XWiki Platform <13.1-13.1 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities: 10,151
Exploit Likelihood: High