CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2016-0270 MEDIUM
IBM Domino 9.0.1 FP3-5 IF1 - Auth Bypass
CVSS 5.9
CVE-2016-8414 MEDIUM
Android Kernel 3.10/3.18 - Info Disclosure
CVSS 4.7
CVE-2016-6495 MEDIUM
NetApp Data ONTAP <8.2.4P5 - Info Disclosure
CVSS 5.9
CVE-2016-4341 HIGH
NetApp Clustered Data ONTAP <8.3.2P7 - Info Disclosure
CVSS 7.5
CVE-2016-3124 MEDIUM
SimpleSAMLphp < 1.14.1 - PHP Version Exposure via Sanitycheck Module
CVSS 5.3
CVE-2016-6097 MEDIUM
IBM Tivoli Key Lifecycle Manager <2.7 - Info Disclosure
CVSS 4.0
CVE-2016-6094 MEDIUM
IBM Tivoli Key Lifecycle Manager <2.7 - Info Disclosure
CVSS 4.3
CVE-2016-6092 MEDIUM
IBM Tivoli Key Lifecycle Manager <2.7 - Info Disclosure
CVSS 6.2
CVE-2016-9772 MEDIUM
OpenAFS < 1.6.19 - Unauthorized Sensitive Directory Information Exposure via Cache Partition
CVSS 5.3
CVE-2016-8217 LOW
EMC RSA BSAFE Crypto-J <6.2.2 - Timing Attack
CVSS 3.7
CVE-2016-0890 MEDIUM
EMC PowerPath Virtual - Info Disclosure
CVSS 6.4
CVE-2016-6116 MEDIUM
IBM Tivoli Key Lifecycle Manager <2.7 - Info Disclosure
CVSS 5.9
CVE-2016-6099 MEDIUM
IBM Tivoli Key Lifecycle Manager <2.7 - Info Disclosure
CVSS 5.3
CVE-2016-5935 MEDIUM
IBM Dashboard Application Services Hub - Exposure of Sensitive Information via Improper SSL Certificate Validation
CVSS 5.9
CVE-2016-8982 MEDIUM
IBM InfoSphere Information Server - Info Disclosure
CVSS 5.3
CVE-2016-8977 MEDIUM
IBM BigFix Inventory v9 - Info Disclosure
CVSS 5.3
CVE-2016-8963 MEDIUM
IBM BigFix Inventory v9 - Info Disclosure
CVSS 5.5
CVE-2016-6068 HIGH
IBM UrbanCode Deploy - Privilege Escalation
CVSS 7.5
CVE-2016-5953 LOW
IBM Sterling Order Management - Info Disclosure
CVSS 3.7
CVE-2016-5938 LOW
IBM Kenexa LMS on Cloud - Exposure of Sensitive Information via Local Web Page Storage
CVSS 3.3
CVE-2016-2941 MEDIUM
IBM UrbanCode Deploy - Sensitive Information Exposure via Temporary Files
CVSS 5.5
CVE-2016-6117 MEDIUM
IBM Tivoli Key Lifecycle Manager <2.7 - Info Disclosure
CVSS 5.3
CVE-2016-8981 MEDIUM
IBM BigFix Inventory v9 - Info Disclosure
CVSS 5.5
CVE-2016-8966 MEDIUM
IBM BigFix Inventory v9 - Info Disclosure
CVSS 5.9
CVE-2016-6122 MEDIUM
IBM Kenexa LMS on Cloud <13.2.4 - Info Disclosure
CVSS 4.3
Details
Vulnerabilities 10,178
Exploit Likelihood High