CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,182 vulnerabilities with CWE-200
CVE-2016-2149 MEDIUM
Red Hat OpenShift Enterprise 3.2 - Authenticated Namespace Log File Exposure via Reused Namespace Name
CVSS 6.5
CVE-2016-2142 MEDIUM
Red Hat OpenShift Enterprise 3.1 - Credential Exposure via World-Readable File
CVSS 5.5
CVE-2016-4367 HIGH
HPE Universal CMDB <10.22 - Info Disclosure
CVSS 7.5
CVE-2016-2027 HIGH
HPE Matrix Operating Environment <7.5.1 - Info Disclosure
CVSS 7.5
CVE-2016-2026 HIGH
HPE Matrix Operating Environment <7.5.1 - Info Disclosure
CVSS 7.5
CVE-2016-1698 MEDIUM
Google Chrome <51.0.2704.79 - Code Injection
CVSS 6.5
CVE-2016-1687 MEDIUM
Google Chrome <51.0.2704.63 - Info Disclosure
CVSS 6.5
CVE-2016-1677 MEDIUM
Google V8 <5.1.281.26 - Info Disclosure
CVSS 6.5
CVE-2016-4785 MEDIUM
SIPROTEC Firmware - Exposure of Sensitive Information via Web Server
CVSS 5.3
CVE-2016-4784 MEDIUM
SIPROTEC Firmware - Exposure of Sensitive Information via Web Server
CVSS 5.3
CVE-2016-4521 CRITICAL
Sixnet BT-5xxx/BT-6xxx M2M <3.8.21/3.9.8 - Unauthenticated Sensitive Info Exposure via Hardcoded Credentials
CVSS 9.8
CVE-2016-2295 HIGH
Moxa MiiNePort E1/E2/E3 Firmware - Unauthenticated Sensitive Information Exposure via Configuration File
CVSS 7.5
CVE-2016-2311 MEDIUM
Black Box ServSensor, ServSensor Junior, and ServSensor Contact < SP473 - Authenticated Password Exposure
CVSS 6.5
CVE-2016-2025 HIGH
HPE Service Manager <9.42 - Info Disclosure
CVSS 7.5
CVE-2016-2023 MEDIUM
HPE RESTful Interface Tool 1.40 - Info Disclosure
CVSS 5.5
CVE-2016-1404 HIGH
Cisco UCS Invicta <5.0.1 - Info Disclosure
CVSS 7.5
CVE-2016-1410 HIGH
Cisco WebEx Meeting Center - Info Disclosure
CVSS 7.5
CVE-2016-3664 HIGH
Trend Micro Mobile Security <3.2.1188 - Info Disclosure
CVSS 7.4
CVE-2016-4913 HIGH
Linux Kernel < 4.5.5 - Information Exposure via ISOFS Rock Ridge NM Entry
CVSS 7.8
CVE-2016-4580 HIGH
Linux Kernel < 4.5.5 - Information Exposure via X.25 Call Request
CVSS 7.5
CVE-2016-4578 MEDIUM
Linux Kernel < 4.6 - Information Disclosure via Uninitialized ALSA Timer Data Structures
CVSS 5.5
CVE-2016-4569 MEDIUM
Linux Kernel < 4.6 - Unauthorized Information Exposure via ALSA Timer Interface
CVSS 5.5
CVE-2016-4486 LOW
SUSE Linux Enterprise - Information Disclosure via Netlink Message
CVSS 3.3
CVE-2016-4485 HIGH
Linux Kernel < 4.5.5 - Information Disclosure via Uninitialized Data Structure in llc_cmsg_rcv
CVSS 7.5
CVE-2016-4482 MEDIUM
Linux Kernel < 4.6 - Information Disclosure via USBDEVFS_CONNECTINFO ioctl
CVSS 6.2
Details
Vulnerabilities 10,182
Exploit Likelihood High