CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2016-6899 HIGH
Huawei RH1288/RH2288/RH2288H/RH5885/XH620/XH622/XH628 V3 Firmware - Sensitive Info Exposure via Insecure SSL
CVSS 7.5
CVE-2016-6838 HIGH
Huawei Rh1288 V3 Server Firmware - Information Disclosure
CVSS 7.5
CVE-2016-6670 MEDIUM
Huawei S7700 S9300 S9700 S12700 - Private Key Exposure via Weak Certificate Entropy
CVSS 5.3
CVE-2016-1242 MEDIUM
Tryton <3.2.17, <3.4.14, <3.6.12, <3.8.8, <4.0.4 - Info Disclosure
CVSS 4.4
CVE-2016-1241 MEDIUM
Tryton <3.2.17, <3.4.14, <3.6.12, <3.8.8, <4.0.4 - Info Disclosure
CVSS 5.3
CVE-2016-6345 MEDIUM
RESTEasy - Authenticated Exposure of Sensitive Information via Async Job Random Value Weakness
CVSS 6.5
CVE-2016-6344 MEDIUM
Red Hat JBoss BPM Suite 6.3.x - Info Disclosure
CVSS 5.3
CVE-2016-7153 MEDIUM
Microsoft Edge - Exposure of Sensitive Information via HTTP/2 TCP Congestion Window
CVSS 5.3
CVE-2016-7152 MEDIUM
Opera - Exposure of Sensitive Information via HTTPS TCP Congestion Window
CVSS 5.3
CVE-2016-5430 MEDIUM
jose-php < 2.2.1 - Exposure of Sensitive Information via RSA 1.5 Algorithm
CVSS 5.3
CVE-2016-5429 LOW
jose-php < 2.2.0 - Timing Attack via HMAC Comparison
CVSS 3.7
CVE-2016-1473 CRITICAL
Cisco Small Business 220 <1.0.1.1 - Info Disclosure
CVSS 9.8
CVE-2016-6298 MEDIUM
jwcrypto < 0.3.2 - Exposure of Sensitive Information via RSA 1.5 Algorithm
CVSS 5.3
CVE-2016-0385 LOW
IBM WebSphere Application Server <9.0.0.1 - Buffer Overflow
CVSS 3.1
CVE-2016-3064 MEDIUM
NetApp Clustered Data ONTAP <8.2.4P4/8.3.x<8.3.2P2 Sensitive Info Exposure
CVSS 6.5
CVE-2016-2183 HIGH
Redhat Jboss Enterprise Application Platform - Information Disclosure
CVSS 7.5
CVE-2016-5677 HIGH
NUUO NVRmini <3.0.0 - Info Disclosure
CVSS 7.5
CVE-2016-0397 MEDIUM
IBM BigFix <9.5.2 - Info Disclosure
CVSS 5.9
CVE-2016-0292 MEDIUM
IBM BigFix <9.5.2 - Info Disclosure
CVSS 5.5
CVE-2016-4378 HIGH
HPE XP P9000 <8.4.1-00 - Info Disclosure
CVSS 7.5
CVE-2016-1497 MEDIUM
F5 BIG-IP <11.2.1 HF16, 11.3.x, 11.4.x <11.4.1 HF10, 11.5.x <11.5.4...
CVSS 4.9
CVE-2016-6231 MEDIUM
Kaspersky Safe Browser iOS <1.7.0 - Info Disclosure
CVSS 5.9
CVE-2016-5812 LOW
Moxa OnCell G3001 Firmware < 1.6 and G3100V2 Firmware < 2.7 - Cleartext Password Storage
CVSS 3.3
CVE-2016-6364 HIGH
Cisco Unified Communications Manager 11.5 - Auth Bypass
CVSS 7.5
CVE-2016-1484 HIGH
Cisco WebEx Meetings Server 2.6 - Auth Bypass
CVSS 7.5
Details
Vulnerabilities 10,178
Exploit Likelihood High