CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2016-6026 MEDIUM
IBM Sterling Secure Proxy <3.4.2.0-3.4.3.0 - Info Disclosure
CVSS 5.3
CVE-2016-1455 HIGH
Cisco NX-OS <7.0(3)I2(2e)-7.0(3)I4(1) - Info Disclosure
CVSS 7.5
CVE-2016-7561 HIGH
Fortinet FortiWLC <=8.2-4-0 - Sensitive Information Exposure via pam.log
CVSS 7.2
CVE-2016-6420 MEDIUM
Cisco FireSIGHT System Software - Auth Bypass
CVSS 6.5
CVE-2016-2307 HIGH
American Auto-Matrix Aspect-Nexus < 2.0 and Aspect-Matrix - Arbitrary File Read
CVSS 7.5
CVE-2016-7031 HIGH
Ceph < 10.0.1 - Unauthenticated Exposure of Sensitive Information via Bucket Listing
CVSS 7.5
CVE-2016-6494 MEDIUM
MongoDB < 3.0.15 - Exposure of Sensitive Information via World-Readable .dbshell History Files
CVSS 5.5
CVE-2016-7442 MEDIUM
Sophos Unified Threat Management Software <= 9.405-5 - Exposure of Sensitive Information via Proxy User Settings
CVSS 4.4
CVE-2016-7397 MEDIUM
Sophos Unified Threat Management Software <= 9.405-5 - Sensitive Password Information Exposure via SMTP User Settings
CVSS 4.4
CVE-2016-5986 HIGH
IBM WebSphere Application Server - Info Disclosure
CVSS 7.5
CVE-2016-7090 MEDIUM
Siemens SCALANCE M-800 and S615 Firmware < 4.02 - Session Cookie Exposure via Missing Secure Flag
CVSS 4.0
CVE-2016-6146 MEDIUM
SAP TREX 7.10- Revision 63 - Info Disclosure
CVSS 5.3
CVE-2016-6827 MEDIUM
Huawei FusionCompute < V100R005C10CP7002 - Authenticated Exposure of Sensitive Information via Cleartext AES Keys
CVSS 6.5
CVE-2016-3639 MEDIUM
SAP HANA DB <1.00.091.00.1418659308 - Info Disclosure
CVSS 4.3
CVE-2016-5976 MEDIUM
IBM Tealeaf Customer Experience <9.0.1-9.0.2 - Info Disclosure
CVSS 4.9
CVE-2016-5972 MEDIUM
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance ...
CVSS 6.8
CVE-2016-5971 HIGH
IBM Security Privileged Identity Manager Virtual Appliance <2.0.2 F...
CVSS 7.1
CVE-2016-5970 MEDIUM
IBM Security Privileged Identity Manager <2.0.2 FP8 - Path Traversal
CVSS 6.5
CVE-2016-5946 MEDIUM
IBM Spectrum Control <5.2.11 - Path Traversal
CVSS 6.5
CVE-2016-2999 MEDIUM
IBM Connections < 5.5.0.0 - Authenticated Sensitive Information Exposure via Brute-Force Attack
CVSS 6.5
CVE-2016-0248 LOW
IBM Security Guardium <9.0p700, 10.0p100 - Info Disclosure
CVSS 3.7
CVE-2016-5172 MEDIUM
Google Chrome < 53.0.2785.113 - Exposure of Sensitive Information via V8 Parser Scope Mishandling
CVSS 6.5
CVE-2016-4771 MEDIUM
Apple iOS < 10 and OS X < 10.12 - Unauthorized File Access via Directory Pathname
CVSS 5.5
CVE-2016-4758 MEDIUM
Safari < 9.1.3 - Exposure of Sensitive Information via Location Variable
CVSS 6.5
CVE-2016-4755 MEDIUM
macOS < 10.11.6 - Unprotected User Data Exposure via Weak Terminal History File Permissions
CVSS 5.5
Details
Vulnerabilities 10,178
Exploit Likelihood High