CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2017-4016 MEDIUM
McAfee NDLP <9.3.x - Info Disclosure
CVSS 5.3
CVE-2017-4013 MEDIUM
McAfee NDLP <9.3.x - Info Disclosure
CVSS 5.3
CVE-2017-7488 MEDIUM
Authconfig <6.2.8 - Info Disclosure
CVSS 4.3
CVE-2017-6651 HIGH
Cisco WebEx Meetings Server 2.5-2.8 Sensitive Meeting Info Exposure via robots.txt
CVSS 7.5
CVE-2017-7495 MEDIUM
Linux kernel <4.6.2 - Info Disclosure
CVSS 5.5
CVE-2017-5655 MEDIUM
Apache Ambari 2.2.2-2.4.2 and 2.5.0 - Unauthorized Sensitive Data Exposure via Temporary Files
CVSS 6.5
CVE-2017-7486 HIGH
PostgreSQL 8.4-9.6 - Unauthorized Information Disclosure via pg_user_mappings View
CVSS 7.5
CVE-2017-7484 HIGH
PostgreSQL <9.2.21-9.6.3 - Info Disclosure
CVSS 7.5
CVE-2017-0634 MEDIUM
Android Kernel 3.18 - Info Disclosure
CVSS 4.7
CVE-2017-0633 MEDIUM
Android Kernel 3.10/3.18 - Info Disclosure
CVSS 4.7
CVE-2017-0632 MEDIUM
Android Kernel 3.10 - Info Disclosure
CVSS 4.7
CVE-2017-0631 MEDIUM
Android Kernel 3.10/3.18 - Info Disclosure
CVSS 4.7
CVE-2017-0630 MEDIUM
Android Kernel <3.10,3.18 - Info Disclosure
CVSS 4.7
CVE-2017-0629 MEDIUM
Android Kernel 3.10/3.18 - Info Disclosure
CVSS 4.7
CVE-2017-0628 MEDIUM
Android Kernel 3.10/3.18 - Info Disclosure
CVSS 4.7
CVE-2017-0627 MEDIUM
Android Kernel <3.10, 3.18 - Info Disclosure
CVSS 4.7
CVE-2017-0626 MEDIUM
Android Kernel <3.18 - Info Disclosure
CVSS 5.5
CVE-2017-0625 MEDIUM
Android < 7.1.2 - Information Disclosure via MediaTek Command Queue Driver
CVSS 5.5
CVE-2017-0624 MEDIUM
Android Kernel 3.10/3.18 - Info Disclosure
CVSS 5.5
CVE-2017-0602 MEDIUM
Android 4.4.4 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 - Information Disclosure via Bluetooth
CVSS 5.5
CVE-2017-0598 MEDIUM
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 - Unauthorized Data Access via Framework API
CVSS 5.5
CVE-2017-0276 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
CVSS 5.9
CVE-2017-0275 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
CVSS 5.9
CVE-2017-0274 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
CVSS 5.9
CVE-2017-0271 MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
CVSS 5.9
Details
Vulnerabilities 10,178
Exploit Likelihood High