CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,152 vulnerabilities with CWE-200
CVE-2020-3498 MEDIUM
Cisco Jabber 12.1-12.1.2 - Authenticated Information Disclosure via Message Content
CVSS 6.5
CVE-2020-15704 MEDIUM
ppp < 2.4.7-1+ubuntu1.16.04.3 - Arbitrary File Read via MODPROBE_OPTIONS Environment Variable
CVSS 5.5
CVE-2020-4172 MEDIUM
IBM Security Guardium Insights 2.0.1 - Exposure of Sensitive Information via URL Parameters
CVSS 5.3
CVE-2020-3520 MEDIUM
Cisco Data Center Network Manager < 11.4(1) - Authenticated Sensitive Information Exposure via Local Filesystem Access
CVSS 5.5
CVE-2020-24381 HIGH
GUnet Open eClass Platform <3.11 - Info Disclosure
CVSS 7.5
CVE-2020-1510 MEDIUM
Windows 10 - Information Disclosure in win32k Kernel Component
CVSS 5.5
CVE-2020-3472 MEDIUM
Cisco Webex Meetings - Info Disclosure
CVSS 5.0
CVE-2020-3411 HIGH
Cisco Catalyst Center 1.3-1.3.1.3 - Unauthenticated Sensitive Information Disclosure via Authentication Token Handling
CVSS 7.5
CVE-2020-8232 MEDIUM
EdgeMax EdgeSwitch <1.9.0 - Info Disclosure
CVSS 6.5
CVE-2020-8210 HIGH
Citrix XenMobile <10.12 - Info Disclosure
CVSS 7.5
CVE-2020-6653 LOW
Eaton SecureConnect < 1.7.3 - Sensitive Information Exposure via Logcat
CVSS 3.8
CVE-2020-13179 MEDIUM
Teradici PCoIP <20.04.1 - Info Disclosure
CVSS 5.5
CVE-2020-15647 HIGH
Firefox for Android < 68.10.1 - Sensitive Data Exposure via Content Provider
CVSS 7.4
CVE-2020-9525 HIGH
CS2 Network P2P <= 3.0.3a - Insufficiently Protected Credentials
CVSS 8.1
CVE-2020-12777 HIGH
Combodo iTop - Command Injection/Info Disclosure
CVSS 7.5
CVE-2020-13523 LOW
SoftPerfect's RAM Disk <4.1 - Info Disclosure
CVSS 3.3
CVE-2020-5414 MEDIUM
VMware Tanzu Application Service - Info Disclosure
CVSS 5.7
CVE-2020-8216 MEDIUM
Pulse Connect Secure <9.1R8 - Info Disclosure
CVSS 4.3
CVE-2020-4186 MEDIUM
IBM Security Guardium 10.5, 10.6, and 11.1 - Exposure of Sensitive Information on Login Page
CVSS 5.3
CVE-2020-15099 HIGH
TYPO3 CMS >=9.0.0 <9.5.20, >=10.0.0 <10.4.6 - Info Disclosure
CVSS 8.1
CVE-2020-15098 HIGH
TYPO3 CMS >=9.0.0 <9.5.20, >=10.0.0 <10.4.6 - RCE
CVSS 8.8
CVE-2020-15086 CRITICAL
mediace 7.6.2-7.6.4 - Authenticated Remote Code Execution via Checksum Verification Bypass
CVSS 9.8
CVE-2020-6514 MEDIUM
Google Chrome < 84.0.4147.89 - Heap Corruption via Crafted SCTP Stream
CVSS 6.5
CVE-2020-12027 MEDIUM
FactoryTalk View SE - Exposure of Sensitive Information via Hostname and File Path Disclosure
CVSS 4.3
CVE-2020-4361 MEDIUM
IBM Planning Analytics 2.0 - Unauthorized Sensitive Information Exposure via HTTP Response
CVSS 4.3
Details
Vulnerabilities 10,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits