CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2021-20371 MEDIUM
IBM Jazz Foundation - Info Disclosure
CVSS 6.5
CVE-2021-22885 HIGH
Action Pack >= 2.0.0 - Info Disclosure
CVSS 7.5
CVE-2021-20428 MEDIUM
IBM Security Guardium 11.2 - Info Disclosure
CVSS 5.3
CVE-2021-29688 HIGH
IBM Security Identity Manager 7.0.2 - Sensitive Information Exposure via Error Message
CVSS 7.5
CVE-2021-29682 MEDIUM
IBM Security Identity Manager 7.0.2 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2021-29040 MEDIUM
Liferay Digital Experience Platform < 7.0 and 7.3.4 - Information Disclosure via Verbose Error Messages
CVSS 5.3
CVE-2021-20393 HIGH
IBM QRadar User Behavior Analytics <4.1.0 - Info Disclosure
CVSS 7.5
CVE-2021-23135 MEDIUM
Argo CD <1.8.7, <1.7.14 - Info Disclosure
CVSS 5.9
CVE-2021-31341 MEDIUM
Mendix Database Replication < 7.0.1 - Information Disclosure via Malformed XML Table Mapping
CVSS 4.3
CVE-2021-31339 MEDIUM
Mendix Excel Importer < 9.0.3 - Information Disclosure via Malformed XML File Upload
CVSS 4.3
CVE-2021-21421 HIGH
node-etsy-client < 0.3.0 - Sensitive Information Exposure via Error Message
CVSS 8.1
CVE-2021-21416 LOW
django-registration < 3.1.2 - Sensitive Information Exposure in Error Reports
CVSS 3.7
CVE-2021-3393 MEDIUM
PostgreSQL < 11.11, < 12.6, < 13.2 - Information Disclosure via Error Message
CVSS 4.3
CVE-2021-20289 MEDIUM
RESTEasy < 4.6.0 - Information Exposure via Error Message
CVSS 5.3
CVE-2021-22169 MEDIUM
GitLab 13.4.0-13.5.5 - Internal IP Address Exposure via Error Message
CVSS 4.3
CVE-2021-22193 LOW
GitLab 7.1.0-13.6.5 - Information Disclosure via Private Project Name Validation
CVSS 3.5
CVE-2021-23973 MEDIUM
Firefox < 86.0, Firefox ESR < 78.8, Thunderbird < 78.8 - Information Disclosure via Cross-Origin Media Decoding Error
CVSS 6.5
CVE-2021-23968 MEDIUM
Firefox < 86.0, Firefox ESR < 78.8, Thunderbird < 78.8 - Information Disclosure via CSP Violation Report
CVSS 4.3
CVE-2021-20402 LOW
IBM Security Verify Information Queue <1.0.8 - Info Disclosure
CVSS 2.7
CVE-2020-4868 MEDIUM
IBM TRIRIGA Application Platform 3.0-4.4 - Sensitive Information Exposure via Error Message
CVSS 4.3
CVE-2020-5026 MEDIUM
IBM Financial Transaction Manager for Digital Payments 3.2.0-3.2.7 - Sensitive Information Exposure via Error Message
CVSS 4.3
CVE-2020-4941 MEDIUM
IBM Edge Application Manager 4.2 - Sensitive Information Exposure via Error Pages
CVSS 4.3
CVE-2020-20470 MEDIUM
White Shark System 1.3.2 - Sensitive Information Exposure via Physical Path Leakage
CVSS 5.3
CVE-2020-23995 MEDIUM
ILIAS <5.3.19, 5.4.12, 6.0 - Info Disclosure
CVSS 6.5
CVE-2020-19275 MEDIUM
dhcms <2017-09-18 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits