CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,152 vulnerabilities with CWE-200
CVE-2020-25192 MEDIUM
MOXA NPort IAW5000A-I/O Firmware < 2.1 - Unauthenticated Exposure of Sensitive Information
CVSS 5.3
CVE-2020-12518 MEDIUM
Phoenix Contact PLCnext Control Devices <2021.0 LTS - Info Disclosure
CVSS 5.5
CVE-2020-4908 MEDIUM
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 - Information Exposure via Login Dialog
CVSS 5.3
CVE-2020-0488 MEDIUM
Android 11 - Information Disclosure via Uninitialized Data in ihevc_inter_pred_chroma_copy_ssse3
CVSS 6.5
CVE-2020-8284 LOW
curl < 7.73.0 - Exposure of Sensitive Information via FTP PASV Response
CVSS 3.7
CVE-2020-8169 HIGH
curl 7.62.0-7.70.0 - Information Disclosure via Password Leak
CVSS 7.5
CVE-2020-25179 CRITICAL
Gehealthcare 3.0t Signa Hdxt Firmware - Information Disclosure
CVSS 9.8
CVE-2020-27134 CRITICAL
Cisco Jabber - Information Disclosure via Sensitive Data Insertion
CVSS 9.9
CVE-2020-26417 MEDIUM
GitLab CE/EE 13.1-<13.4.7, 13.5-<13.5.5, 13.6-<13.6.2 - Info Disclo...
CVSS 5.3
CVE-2020-26415 MEDIUM
GitLab <13.4.7,<13.5.5,<13.6.2 - Info Disclosure
CVSS 4.3
CVE-2020-26413 MEDIUM
GitLab CE/EE <13.6.2 - Info Disclosure
CVSS 5.3
CVE-2020-9849 MEDIUM
iCloud < 11.5 - Exposure of Sensitive Information via Improved State Management
CVSS 6.5
CVE-2020-17527 HIGH
Apache Tomcat <10.0.0-M9, 9.0.39, 8.5.59 - Info Disclosure
CVSS 7.5
CVE-2020-5676 HIGH
GROWI < 4.1.3 - Unauthorized Information Exposure
CVSS 7.5
CVE-2020-29043 HIGH
BigBlueButton < 2.2.29 - Unauthenticated Email Validation Bypass
CVSS 7.5
CVE-2020-28333 CRITICAL
Barco wePresent WiPG-1600W Firmware 2.5.1.8 - Authentication Bypass via SEID Token Exposure
CVSS 9.8
CVE-2020-7568 MEDIUM
Modicon M221 Firmware - Exposure of Sensitive Information via Traffic Capture
CVSS 4.3
CVE-2020-12496 MEDIUM
Endress+Hauser Ecograph T/M <V2.0.0 - Info Disclosure
CVSS 6.5
CVE-2020-25703 MEDIUM
Moodle 3.7.0-3.7.8, 3.8.0-3.8.5, 3.9.0-3.9.2 - Information Disclosure in Participants Table Download
CVSS 5.3
CVE-2020-26076 HIGH
Cisco IoT Field Network Director < 4.6.1 - Sensitive Database Information Exposure
CVSS 7.5
CVE-2020-25746 MEDIUM
QED ResourceXpress Qubi3 Firmware < 1.40.9 - Sensitive Information Exposure via Debug Interface
CVSS 4.6
CVE-2020-26230 HIGH
Radar COVID < 1.0.7 (Android), < 1.0.8 (iOS), < 1.1.0 (Android/iOS), Backend < 1.1.2 - User De-Anonymization
CVSS 7.4
CVE-2020-2022 HIGH
Palo Alto Networks PAN-OS 8.1 < 8.1.17 - Privilege Escalation via Context Switch Token Exposure
CVSS 7.5
CVE-2020-26220 LOW
touchbase.ai < 2.0 - Unauthorized Sensitive Information Exposure via EXIF Data Leak
CVSS 3.5
CVE-2020-27403 MEDIUM
TCL Android Smart TV - Info Disclosure
CVSS 6.5