CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2021-1546 MEDIUM
Cisco SD-WAN Software - Authenticated Sensitive Information Disclosure via CLI File Access
CVSS 5.5
CVE-2021-20508 MEDIUM
IBM Security Secret Server <11.0 - Info Disclosure
CVSS 4.3
CVE-2021-39458 MEDIUM
redaxo 5.12.1 - Authenticated Sensitive Information Exposure via Import Error Page
CVSS 6.5
CVE-2021-32766 MEDIUM
nextcloud_server < 20.0.12 - Information Disclosure via Text Application Error Messages
CVSS 5.3
CVE-2021-35947 MEDIUM
owncloud < 10.8.0 - Information Disclosure via Public Share URL
CVSS 5.3
CVE-2021-25958 MEDIUM
Apache OFBiz 17.12.01-17.12.07 - Information Disclosure via Exception Handling
CVSS 6.5
CVE-2021-22249 MEDIUM
GitLab 12.2.0-13.12.8 - Private Email Address Disclosure via Verbose Error Message
CVSS 4.3
CVE-2021-29784 MEDIUM
IBM i2 Analyze 4.3.0-4.3.2 - Sensitive Information Exposure via Error Message
CVSS 4.3
CVE-2021-29767 MEDIUM
IBM i2 Analyst's Notebook Premium 9.2.0-9.2.2 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2021-29766 MEDIUM
IBM i2 Analyze 4.3.0-4.3.2 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2021-20430 MEDIUM
IBM i2 Analyst's Notebook Premium - Info Disclosure
CVSS 5.3
CVE-2021-25809 MEDIUM
UCMS 1.5.0 - Sensitive Information Exposure via Error Message in adminchannelscache()
CVSS 5.3
CVE-2021-32775 HIGH
Combodo iTop <2.7.4-3.0.0 - Info Disclosure
CVSS 7.7
CVE-2021-22145 MEDIUM
Elasticsearch 7.10.0-7.13.3 - Memory Disclosure via Malformed Query Error Message
CVSS 6.5
CVE-2021-20523 LOW
IBM Security Verify Access Docker 10.0.0 - Info Disclosure
CVSS 2.7
CVE-2021-20499 LOW
IBM Security Verify Access Docker 10.0.0 - Info Disclosure
CVSS 2.7
CVE-2021-20424 MEDIUM
IBM Cloud Pak for Apps 4.3 - Info Disclosure
CVSS 4.3
CVE-2021-33711 MEDIUM
Teamcenter Active Workspace <V4.3.9-V5.1.4 - Info Disclosure
CVSS 5.3
CVE-2021-32734 LOW
Nextcloud Server <19.0.13, <20.011, <21.0.3 - Info Disclosure
CVSS 3.1
CVE-2021-20417 MEDIUM
IBM Guardium Data Encryption (GDE) 4.0.0.4 - Info Disclosure
CVSS 4.3
CVE-2021-20413 MEDIUM
IBM Guardium Data Encryption (GDE) 4.0.0.4 - Info Disclosure
CVSS 4.3
CVE-2021-32712 MEDIUM
Shopware < 5.6.10 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2021-31159 MEDIUM
Zoho ManageEngine ServiceDesk Plus MSP <10519 - Info Disclosure
CVSS 5.3
CVE-2021-26997 MEDIUM
E-Series SANtricity OS Controller 11.0.0-11.70.0 - Information Disclosure via Error Message
CVSS 6.5
CVE-2021-30357 MEDIUM
SSL Network Extender Client <build 800008302 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits