CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,152 vulnerabilities with CWE-200
CVE-2020-11021 MEDIUM
Actions Http-Client <1.0.8 - Info Disclosure
CVSS 6.3
CVE-2020-11009 MEDIUM
Rundeck < 3.2.6 - Authenticated Authorization Bypass via Execution Data and Logs
CVSS 6.5
CVE-2020-8481 CRITICAL
ABB Ability System 800xA - Exposure of Sensitive Information via Unprotected File
CVSS 9.8
CVE-2020-10997 MEDIUM
Percona XtraBackup <2.4.20 - Info Disclosure
CVSS 6.5
CVE-2020-12070 HIGH
Advanced Woo Search < 1.99 - Sensitive Information Disclosure via AJAX Search SQL Field
CVSS 7.5
CVE-2020-11013 HIGH
Helm 3.1.0-3.1.3 - Unauthenticated Exposure of Sensitive Information via Lookup Template Function
CVSS 8.5
CVE-2020-5866 MEDIUM
NGINX Controller <3.3.0 - Command Injection
CVSS 5.5
CVE-2020-5571 HIGH
SHARP AQUOS Series - Unauthorized Sensitive Information Exposure via Malicious Application
CVSS 7.5
CVE-2020-11687 HIGH
JetBrains TeamCity < 2019.2.2 - Unauthenticated Exposure of Sensitive Information via Unmasked Password Display
CVSS 7.5
CVE-2020-5301 LOW
SimpleSAMLphp < 1.18.6 - Information Disclosure via Case-Insensitive PHP File Extension Handling
CVSS 3.0
CVE-2020-1757 HIGH
undertow <2.0.30.SP1 - Security Bypass
CVSS 8.1
CVE-2020-1699 HIGH
Ceph 14.2.5-14.2.6 and 15.0.0 - Unauthenticated Path Traversal
CVSS 7.5
CVE-2020-4338 MEDIUM
IBM MQ 9.1.0-9.1.4 - Sensitive Information Exposure via runmqras Data
CVSS 5.5
CVE-2020-1026 CRITICAL
MSR JavaScript Cryptography Library - Info Disclosure
CVSS 9.8
CVE-2020-1018 HIGH
Microsoft Dynamics Business Central/NAV - Info Disclosure
CVSS 7.5
CVE-2020-8316 MEDIUM
Lenovo Vantage <10.2003.10.0 - Privilege Escalation
CVSS 4.4
CVE-2020-7801 MEDIUM
HUSKY RTU 6049-E70 <5.0 - Info Disclosure
CVSS 5.3
CVE-2020-5330 HIGH
Dell EMC Networking X-Series <3.0.1.2, PC5500 <4.1.0.22, PowerEdge VRTX Switch Modules <2.0.0.77 - Info Disclosure
CVSS 8.1
CVE-2020-8832 MEDIUM
Ubuntu Linux < 4.15.0-91.92 - Information Exposure via Incomplete CVE-2019-14615 Fix
CVSS 5.5
CVE-2020-2732 MEDIUM
Red Hat Enterprise Linux - Exposure of Sensitive Information via KVM Nested Virtualization
CVSS 5.8
CVE-2020-1628 MEDIUM
Juniper Junos OS on EX4300 - Unauthenticated Sensitive Information Exposure via 128.0.0.0/2 Subnet Egress
CVSS 5.3
CVE-2020-1987 LOW
GlobalProtect 5.0-5.0.8 - Authenticated VPN Cookie Exposure via Troubleshooting Log Level
CVSS 3.9
CVE-2020-10976 HIGH
GitLab EE/CE <12.9 - Info Disclosure
CVSS 7.5
CVE-2020-10264 HIGH
Universal Robots ur_software 3.0.14989-3.3.3.292 - Unauthenticated Robot Data Exposure via RTDE Interface
CVSS 8.8
CVE-2020-1770 LOW
((OTRS)) CE <6.0.26 & v5.0.41 - Info Disclosure
CVSS 2.4