CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,191 vulnerabilities with CWE-200
CVE-2014-4804
IBM Curam <6.0.5.5 - Info Disclosure
CVE-2014-7853
Red Hat JBoss EAP < 6.3.3 Authenticated Sensitive Information Exposure via JacORB
CVE-2014-0154
oVirt Engine <3.5.0 - Info Disclosure
CVE-2014-4781
IBM InfoSphere BigInsights <3.0.0.2 - Info Disclosure
CVE-2014-8733
Cloudera Manager <5.3.0 - Info Disclosure
CVE-2014-9354
NetApp OnCommand Balance <4.2P3 - Info Disclosure
CVE-2014-9049
ownCloud Server <6.0.6, <7.0.3 - Info Disclosure
CVE-2014-9046
ownCloud Server <5.0.18, <6.0.6, <7.0.3 - Info Disclosure
CVE-2014-9044
owncloud_server 7.x - Sensitive Information Exposure via Asset Pipeline MD5 Hash
CVE-2014-5341
owncloud < 6.0.4 - Exposure of Sensitive Information via SFTP External Storage Driver
CVE-2014-9568
puppetlabs-rabbitmq <4.1 - Info Disclosure
CVE-2014-6170
IBM Integration Bus and WebSphere Message Broker - Exposure of Sensitive Information via HTTPInput Node SOAP Fault
CVE-2014-8839
Apple OS X <10.10.2 - Info Disclosure
CVE-2014-8834
Apple OS X 10.10 <10.10.2 - Info Disclosure
CVE-2014-8832
Apple OS X <10.10.2 - Info Disclosure
CVE-2014-4499
Apple OS X <10.10.2 - Info Disclosure
CVE-2014-4491
Apple iOS <8.1.3, OS X <10.10.2, TV <7.0.3 - Info Disclosure
CVE-2014-8008
Cisco Unified Communications Manager - Authenticated Absolute Path Traversal via RTMT API
CVE-2014-9225
Symantec SCSP/SDCS:SA <6.0 MP1 - Info Disclosure
CVE-2014-6172
IBM API Management 3.0 - Exposure of Sensitive Analytics Information
CVE-2014-4835
IBM ServerGuide <9.63 - Info Disclosure
CVE-2014-9199
Clorius Controls Java web client <01.00.0009g - Info Disclosure
CVE-2014-9593
Apache CloudStack <4.3.2, <4.4.2 - Info Disclosure
CVE-2014-8637
Mozilla Firefox <35.0 & SeaMonkey <2.32 - Info Disclosure
CVE-2014-5233
SIMATIC WinCC Sm@rtClient < 1.0 - Exposure of Sm@rtServer Credentials via Credential-Processing Error
Details
Vulnerabilities 10,191
Exploit Likelihood High