CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2017-2109 LOW
Cybozu KUNAI for Android <3.0.5.1 - Info Disclosure
CVSS 2.5
CVE-2017-2105 MEDIUM
TVer App for Android <= 3.2.7 - Exposure of Sensitive Information via Unverified X.509 Certificates
CVSS 5.9
CVE-2017-2104 MEDIUM
Business LaLa Call App <1.4.7 - Info Disclosure
CVSS 5.9
CVE-2017-2103 MEDIUM
LaLa Call App <2.4.7 - Info Disclosure
CVSS 5.9
CVE-2017-2093 MEDIUM
Cybozu Garoon <4.2.3 - Info Disclosure
CVSS 4.3
CVE-2017-7415 HIGH
Atlassian Confluence <6.0.7 - Auth Bypass
CVSS 7.5
CVE-2017-8057 MEDIUM
Joomla! 3.4.0-3.6.5 - Unauthenticated Sensitive Information Exposure via Error Reporting
CVSS 5.3
CVE-2017-7983 MEDIUM
Joomla! 1.5.0-3.6.5 - Information Disclosure via JMail API
CVSS 5.3
CVE-2017-8109 HIGH
SaltStack Salt 2016.11-2016.11.4 - Exposure of Sensitive Information via salt-ssh Minion Configuration
CVSS 7.8
CVE-2017-3560 MEDIUM
Oracle Hospitality OPERA <5.5.1 - Info Disclosure
CVSS 4.3
CVE-2017-3556 MEDIUM
Oracle E-Business Suite <12.2.7 - Info Disclosure
CVSS 5.3
CVE-2017-3552 MEDIUM
Oracle Hospitality OPERA <5.5.1 - Info Disclosure
CVSS 4.3
CVE-2017-3527 MEDIUM
Oracle PeopleSoft Products 8.54-8.55 - Info Disclosure
CVSS 5.3
CVE-2017-3498 LOW
Oracle Solaris 11.3 - Unauthorized Read Access via Kernel
CVSS 3.3
CVE-2017-2334 HIGH
Juniper Networks NorthStar Controller <2.1.0 - Info Disclosure
CVSS 7.5
CVE-2017-2328 MEDIUM
Juniper Networks NorthStar Controller <2.1.0-SP1 - Info Disclosure
CVSS 5.5
CVE-2017-2326 MEDIUM
Juniper Networks NorthStar Controller <2.1.0 SP1 - Info Disclosure
CVSS 6.5
CVE-2017-2320 CRITICAL
Juniper Networks NorthStar Controller <2.1.0 - DoS
CVSS 10.0
CVE-2017-2318 MEDIUM
Juniper Networks NorthStar Controller App <2.1.0 SP1 - Info Disclosure
CVSS 6.5
CVE-2017-2317 HIGH
Juniper Networks NorthStar Controller <2.1.0 - DoS
CVSS 8.6
CVE-2017-6614 MEDIUM
Cisco FindIT Network Probe 1.0.0 - Authenticated Exposure of Sensitive Information via File Download Feature
CVSS 6.5
CVE-2017-5158 CRITICAL
Schneider Electric Wonderware InTouch Access Anywhere < 11.5.2 - Exposure of Sensitive Information via URL Parameters
CVSS 9.8
CVE-2017-5190 LOW
NetIQ Access Manager <4.2-SP3-HF1 & <4.3-SP1-HF1 - Info Disclosure
CVSS 3.1
CVE-2017-7282 MEDIUM
Unitrends Enterprise Backup <9.1.1 - LFI
CVSS 5.5
CVE-2017-7978 HIGH
Samsung Mobile L(5.0/5.1) M(6.0) N(7.x) - Unauthorized Sensitive Information Exposure via World-Readable Log File
CVSS 7.5
Details
Vulnerabilities 10,178
Exploit Likelihood High