CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2020-4536 MEDIUM
IBM OpenPages GRC Platform 8.0.0.0-8.1.0.1 - Sensitive Information Exposure via Error Message
CVSS 4.3
CVE-2020-1717 LOW
Keycloak 7.0.1 - Account Email Enumeration via Error Message
CVSS 2.7
CVE-2020-4628 MEDIUM
IBM Cloud Pak for Security 1.3.0.1 and 1.4.0.0 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2020-4600 MEDIUM
IBM Security Guardium Insights 2.0.2 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2020-4599 MEDIUM
IBM Security Guardium Insights 2.0.2 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2020-15219 MEDIUM
Combodo iTop <2.7.2-3.0.0 - Info Disclosure
CVSS 4.3
CVE-2020-4544 MEDIUM
IBM Jazz Foundation Products - Sensitive Information Exposure via Error Message
CVSS 4.3
CVE-2020-4487 MEDIUM
IBM Jazz Foundation Products - Sensitive Information Exposure via Detailed Technical Error Messages
CVSS 4.3
CVE-2020-4897 MEDIUM
IBM Emptoris Contract Management and Spend Analysis 10.1.0-10.1.3 - Information Disclosure via Error Message
CVSS 5.3
CVE-2020-4761 MEDIUM
IBM Sterling B2B Integrator 5.2.0.0-5.2.6.5_2, 6.0.0.0-6.0.3.2, 6.1.0.0 - Sensitive Info Exposure via Error
CVSS 5.3
CVE-2020-2505 LOW
QNAP QES < 2.1.1 - Information Disclosure via Error Message Generation
CVSS 2.3
CVE-2020-4842 MEDIUM
IBM Security Secret Server 10.6 - Sensitive Information Exposure via Error Message
CVSS 4.9
CVE-2020-4846 LOW
IBM Security Key Lifecycle Manager 3.0.1-3.0.1.5 - Sensitive Information Exposure via Error Message
CVSS 2.7
CVE-2020-35177 MEDIUM
HashiCorp Vault <1.5.6, <1.6.1 - Info Disclosure
CVSS 5.3
CVE-2020-4907 MEDIUM
IBM Financial Transaction Manager for SWIFT Services 3.2.4 - Sensitive Information Exposure
CVSS 5.3
CVE-2020-16128 LOW
Ubuntu Linux aptdaemon - Information Disclosure via DBus Terminal/DebconfSocket Properties
CVSS 3.8
CVE-2020-25640 MEDIUM
WildFly < 21.0.0 - Sensitive Information Disclosure in Resource Adapter Logs
CVSS 5.3
CVE-2020-16121 LOW
PackageKit - Information Disclosure via Detailed Error Messages
CVSS 3.3
CVE-2020-4483 MEDIUM
IBM UrbanCode Deploy 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 - Sensitive Information Exposure via Error Message
CVSS 4.3
CVE-2020-4584 HIGH
IBM i2 iBase < 8.9.13 - Sensitive Information Exposure via Error Message
CVSS 7.5
CVE-2020-27015 MEDIUM
Trend Micro Antivirus for Mac 2020 - Info Disclosure
CVSS 4.4
CVE-2020-15794 MEDIUM
Desigo Insight - Authenticated Sensitive Information Exposure via Error Message
CVSS 4.3
CVE-2020-25778 MEDIUM
Trend Micro Antivirus for Mac 2020 - Information Disclosure via Kernel Extension Pointer
CVSS 6.0
CVE-2020-15666 MEDIUM
Firefox < 80 - Sensitive Information Disclosure via MediaError Message
CVSS 6.5
CVE-2020-4629 LOW
IBM WebSphere Application Server 7.0-9.0 - Information Disclosure via Detailed Error Messages
CVSS 3.3
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits