CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2017-1515 MEDIUM
IBM DOORS 9.5.0.0-9.5.0.6 Sensitive Info Exposure via HTTP Errors
CVSS 4.3
CVE-2017-1000399 MEDIUM
Jenkins <2.73.1, <2.83 - Info Disclosure
CVSS 4.3
CVE-2017-1000398 MEDIUM
Jenkins <2.73.1, <2.83 - Info Disclosure
CVSS 4.3
CVE-2017-1000395 MEDIUM
Jenkins <2.73.1, <2.83 - Info Disclosure
CVSS 4.3
CVE-2017-1000505 MEDIUM
Jenkins Script Security Plugin <1.36 - Info Disclosure
CVSS 6.5
CVE-2017-2744 MEDIUM
HP Support Assistant < 12.7.26.1 - Unauthorized Binary Extraction to Protected Locations
CVSS 5.5
CVE-2017-16609 HIGH
Netgain Enterprise Manager - Info Disclosure
CVSS 7.5
CVE-2017-16607 HIGH
Netgain Enterprise Manager - Info Disclosure
CVSS 7.5
CVE-2017-16596 MEDIUM
NetGain Systems Enterprise Manager <7.2.730 - Info Disclosure
CVSS 6.5
CVE-2017-16595 MEDIUM
NetGain Systems Enterprise Manager <7.2.730 - Info Disclosure
CVSS 6.5
CVE-2017-16592 MEDIUM
NetGain Systems Enterprise Manager <7.2.730 - Info Disclosure
CVSS 6.5
CVE-2017-16591 MEDIUM
NetGain Systems Enterprise Manager <7.2.699 - Info Disclosure
CVSS 6.5
CVE-2017-15112 HIGH
keycloak-httpd-client-install < 0.8 - Exposure of Sensitive Information via Command Line Password
CVSS 7.8
CVE-2017-14082 HIGH
Trend Micro Mobile Security <9.7 - Info Disclosure
CVSS 7.5
CVE-2017-15713 MEDIUM
Apache Hadoop Sensitive Information Exposure via Malicious Configuration
CVSS 6.5
CVE-2017-10262 MEDIUM
Oracle Access Manager 11.1.2.3.0 - Unauthenticated Exposure of Sensitive Information via Web Server Plugin
CVSS 5.9
CVE-2017-13222 HIGH
Android Kernel - Information Disclosure
CVSS 7.5
CVE-2017-13218 MEDIUM
Android - Local Information Disclosure via CNTVCT_EL0 Access
CVSS 4.7
CVE-2017-13207 HIGH
Android 7.0, 7.1.1, 7.1.2, 8.0 - Information Disclosure in Media Framework Stagefright MPEG4Writer
CVSS 7.5
CVE-2017-13206 HIGH
Android 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 - Information Disclosure in Media Framework AAC Decoder
CVSS 7.5
CVE-2017-13205 CRITICAL
Android 7.0-8.1 - Information Disclosure in libmpeg2
CVSS 9.1
CVE-2017-13204 CRITICAL
Android 7.0-8.1 - Information Disclosure in libavc
CVSS 9.1
CVE-2017-13203 CRITICAL
Android 7.0-8.1 - Information Disclosure in Media Framework libavc
CVSS 9.1
CVE-2017-13202 HIGH
Android 5.1.1-8.1 - Information Disclosure in Media Framework
CVSS 7.5
CVE-2017-13201 HIGH
Android 5.1.1-8.1 - Information Disclosure in Media Framework
CVSS 7.5
Details
Vulnerabilities 10,172
Exploit Likelihood High