CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2017-1734 MEDIUM
IBM Rational Collaborative Lifecycle Management 5.0-6.0.4 - Authenticated Exposure of Sensitive Information via Cache
CVSS 4.3
CVE-2017-1725 MEDIUM
IBM Rational Collaborative Lifecycle Management 5.0-6.0.4 - Exposure of Sensitive Information
CVSS 4.3
CVE-2017-3776 HIGH
Lenovo Help <6.1.2.0327 - Info Disclosure
CVSS 7.5
CVE-2017-0361 HIGH
MediaWiki < 1.23.16 - Exposure of Sensitive Information via API Log
CVSS 7.8
CVE-2017-6910 HIGH
Kaazing Gateway <5.6.0 - Auth Bypass
CVSS 7.5
CVE-2017-15327 MEDIUM
Huawei S12700 S7700 S9700 Firmware - Unauthenticated Sensitive Information Exposure via Improper Authorization
CVSS 4.3
CVE-2017-18072 HIGH
Qualcomm Snapdragon Mobile and Wear Firmware - Exposure of Sensitive Information via WiFi Probe Requests
CVSS 7.5
CVE-2017-2826 LOW
Zabbix 2.4.X - Information Disclosure via iConfig Proxy Request
CVSS 3.7
CVE-2017-0748 MEDIUM
Android - Information Disclosure in Qualcomm Audio Driver
CVSS 5.3
CVE-2017-6426 LOW
Android - Information Disclosure in Qualcomm SPMI Driver
CVSS 3.3
CVE-2017-6425 LOW
Android - Information Disclosure in Qualcomm Video Driver
CVSS 3.3
CVE-2017-13269 MEDIUM
Android 5.1.1-8.1 - Information Disclosure in Bluetooth Component
CVSS 4.3
CVE-2017-13268 MEDIUM
Android 5.1.1-8.1 - Information Disclosure in Bluetooth Component
CVSS 4.3
CVE-2017-13304 MEDIUM
Android - Exposure of Sensitive Information via Upstream Kernel mnh_sm Driver
CVSS 5.3
CVE-2017-13303 MEDIUM
Android - Information Disclosure in Broadcom bcmdhd Driver
CVSS 5.3
CVE-2017-13298 MEDIUM
Android 6.0-8.1 - Information Disclosure in Media Framework libhavc
CVSS 5.3
CVE-2017-13297 MEDIUM
Android 6.0-8.1 - Information Disclosure in Media Framework libhevc
CVSS 5.3
CVE-2017-13296 MEDIUM
Android 6.0-8.1 - Information Disclosure in Media Framework libavc
CVSS 5.3
CVE-2017-13294 MEDIUM
Android 6.0-8.1 - Information Disclosure in AOSP Email Application
CVSS 5.3
CVE-2017-3972 HIGH
McAfee NSM <8.2.7.42.2 - Info Disclosure
CVSS 8.3
CVE-2017-7173 MEDIUM
macOS < 10.13.2 - Kernel Memory Read Restriction Bypass
CVSS 5.5
CVE-2017-7075 MEDIUM
iPhone OS < 11.0 - Unauthorized Sensitive Information Exposure in Notes Search
CVSS 5.5
CVE-2017-2493 MEDIUM
Safari < 10.1 - Same Origin Policy Bypass via Crafted Web Elements
CVSS 6.5
CVE-2017-13877 LOW
iPhone OS < 11.0 - Unauthorized File Existence Disclosure via Sandbox Profiles
CVSS 3.3
CVE-2017-13873 MEDIUM
iPhone OS < 11.0 - Kernel Information Disclosure via Network Activity Monitoring
CVSS 4.3
Details
Vulnerabilities 10,172
Exploit Likelihood High