CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,190 vulnerabilities with CWE-200
CVE-2015-3284
OpenAFS < 1.6.12 - Exposure of Sensitive Information via pioctls
CVE-2015-3282
OpenAFS < 1.6.13 - Exposure of Sensitive Information via VLDB Entry Update
CVE-2015-3187
Apache Subversion <1.7.21, <1.8.14 - Info Disclosure
CVE-2015-3184
Apache Subversion <1.7.21, <1.8.14 - Info Disclosure
CVE-2015-2058
jabberd2 < 2.3.2 - Authenticated Exposure of Sensitive Information via JID Processing
CVE-2015-2980
Yodobashi < 1.2.1.0 - Remote Code Execution via Crafted HTML Document
CVE-2015-2897
Sierra Wireless ALEOS <4.4.2 - Privilege Escalation
CVE-2015-4494
Mozilla Firefox OS < 2.1.0 - Unauthorized Wi-Fi System Message Information Exposure
CVE-2015-1970
IBM WebSphere DataPower XC10 Appliance 2.1-2.1.0.3 and 2.5-2.5.0.4 - Sensitive Data Exposure via SSD Card Retention
CVE-2015-5084
SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite < 1.0 - Unprotected Password Exposure
CVE-2015-4295
Cisco Unified Communications Manager 10.5(3.10000.9) - Root Credential Exposure
CVE-2015-1488
Symantec Endpoint Protection Manager <12.1-RU6-MP1 - Info Disclosure
CVE-2015-1009
Schneider Electric InduSoft Web Studio <7.1.3.5 - Info Disclosure
CVE-2015-1840
Fedora < 3.1.2 - Information Disclosure
CVE-2015-4945
IBM Maximo Anywhere 7.5.1-7.5.1.2 - Unauthenticated Sensitive Information Exposure via Passcode Bypass
CVE-2015-4527
EMC Avamar Server and Avamar Virtual Edition 7.x - Directory Traversal via Avamar Desktop/Laptop Client Interface
CVE-2015-1285
Blink <44.0.2403.89 - Info Disclosure
CVE-2015-5610
SolarWinds N-Able N-Central <9.5.1.4514 - Privilege Escalation
CVE-2015-1984
IBM InfoSphere MDM Collaborative Edition 9.1-11.4 < FP03 - Sensitive Info Exposure via Profile Bypass
CVE-2015-1982
IBM InfoSphere MDM Collaborative Edition 9.1-11.4 < FP03 - Sensitive Info Exposure
CVE-2015-1883
IBM DB2 9.7-9.7 FP10, 9.8-9.8 FP5, 10.1 < FP5, 10.5-10.5 FP5 - Sensitive Information Exposure via Stored Procedure
CVE-2015-4735
Oracle Enterprise Manager 11.2.0.3-11.2.0.4 & Grid Control 11.1.0.1 - Sensitive Information Exposure
CVE-2015-5107
Adobe Acrobat < 10.1.15 - Information Disclosure
CVE-2015-5092
Adobe Acrobat/Reader <10.1.15/11.0.12/DC Classic 2015.006.30060/DC Continuous 2015.008.20082 - Sensitive Info Exposure
CVE-2015-5089
Adobe Acrobat < 10.1.14 - Information Disclosure
Details
Vulnerabilities 10,190
Exploit Likelihood High