CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2017-8950 MEDIUM
HPE SiteScope <11.2x-11.3x - Info Disclosure
CVSS 5.5
CVE-2017-8944 HIGH
HPE Cloud Optimizer <3.0x - Info Disclosure
CVSS 7.5
CVE-2017-5811 HIGH
HPE Network Automation 9.1x-10.2x - Remote Code Execution
CVSS 7.5
CVE-2017-5803 HIGH
HP NonStop Server Software T0801H01-T0801H01^ACA - Exposure of Sensitive Information via SSH Service
CVSS 7.5
CVE-2017-5801 HIGH
HPE Business Process Monitor v09.2x v09.30 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2017-5797 HIGH
HPE Intelligent Management Center SOM v7.3 (E0501) - Unauthenticated Exposure of Sensitive Information
CVSS 7.5
CVE-2017-5795 MEDIUM
HPE Intelligent Management Center PLAT 7.2 E0403P06 - Local Arbitrary File Download
CVSS 6.5
CVE-2017-5788 MEDIUM
HPE NonStop Software Essentials T0894H02-T0894H02^AAI - Local Disclosure of Sensitive Information
CVSS 5.5
CVE-2017-5785 MEDIUM
HPE Matrix Operating Environment v7.6 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 6.5
CVE-2017-12555 MEDIUM
HPE Intelligent Management Center SOM 7.3 E0501 - Unauthenticated Arbitrary File Download and Information Disclosure
CVSS 6.5
CVE-2017-12543 MEDIUM
HP Moonshot Remote Console Administrator < 2.50 - Exposure of Sensitive Information
CVSS 6.5
CVE-2017-12723 LOW
Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1, 1.5, 1.6 - Password Exposure in Configuration File
CVSS 3.7
CVE-2017-15709 LOW
Apache ActiveMQ 5.14.0-5.15.2 - Exposure of Sensitive System Information via OpenWire Protocol
CVSS 3.7
CVE-2017-13246 HIGH
Android - Information Disclosure in Upstream Kernel Network Driver
CVSS 7.5
CVE-2017-13243 HIGH
Android 5.1.1-8.0 - Information Disclosure in UI Component
CVSS 7.5
CVE-2017-13242 HIGH
Android 6.0-8.1 - Information Disclosure in Bluetooth
CVSS 7.5
CVE-2017-13241 HIGH
Android 5.1.1-8.1 - Information Disclosure in libstagefright_soft_avcenc
CVSS 7.5
CVE-2017-13240 HIGH
Android 8.0-8.1 - Information Disclosure in Crypto Framework
CVSS 7.5
CVE-2017-13239 HIGH
Android 8.0 - Information Disclosure in UI Framework
CVSS 7.5
CVE-2017-13238 MEDIUM
Android - Local Information Disclosure via XBLRamDump Debug Feature
CVSS 4.2
CVE-2017-13232 HIGH
Android 5.1.1-8.1 - Local Information Disclosure via Audioserver Log Statement
CVSS 7.5
CVE-2017-1785 MEDIUM
IBM API Connect 5.0.7-5.0.8 - Authenticated Exposure of Sensitive Information via Query Parameter Modification
CVSS 4.3
CVE-2017-6200 MEDIUM
Sandstorm < 0.203 - Unauthenticated Arbitrary File Read via Backup Function
CVSS 6.5
CVE-2017-16911 MEDIUM
Linux Kernel <4.14.8, 4.4.114 - Info Disclosure
CVSS 4.7
CVE-2017-1784 MEDIUM
IBM Cognos Analytics 11.0 - Exposure of Sensitive Information in Temporary Files
CVSS 5.5
Details
Vulnerabilities 10,172
Exploit Likelihood High