CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2020-25633 MEDIUM
RESTEasy < 4.5.6.Final - Information Disclosure via WebApplicationException Error Message
CVSS 5.3
CVE-2020-24925 HIGH
ElkarBackup 1.3.3 - Sensitive Information Exposure via Error Message
CVSS 7.5
CVE-2020-4166 MEDIUM
IBM Security Guardium Insights 2.0.1 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2020-15132 MEDIUM
Sulu < 1.6.35 - Information Disclosure via Forgot Password Feature
CVSS 5.3
CVE-2020-14337 MEDIUM
Red Hat Ansible Tower - Sensitive Information Exposure via HTTP Error Codes
CVSS 5.8
CVE-2020-8213 MEDIUM
UniFi Protect <1.13.4-beta.5 - Info Disclosure
CVSS 5.3
CVE-2020-15125 HIGH
auth0.js < 2.27.1 - Sensitive Information Exposure via Authorization Header Logging
CVSS 7.7
CVE-2020-4572 MEDIUM
IBM Security Key Lifecycle Manager 3.0.1 and 4.0 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2020-13997 HIGH
Shopware < 6.2.3 - Unauthenticated Sensitive Information Exposure via Database Error Message
CVSS 7.5
CVE-2020-4319 MEDIUM
IBM MQ Appliance < 8.0.0.15 - Error Information Exposure
CVSS 4.3
CVE-2020-6511 MEDIUM
Google Chrome < 84.0.4147.89 - Information Leak via Content Security Policy
CVSS 6.5
CVE-2020-15478 HIGH
Journal theme < 3.1.0 - Sensitive Data Exposure via SQL Error Messages
CVSS 7.5
CVE-2020-4341 MEDIUM
IBM Security Secret Server < 10.8 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2020-4327 MEDIUM
IBM Security Secret Server < 10.8 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2020-4532 MEDIUM
IBM Business Automation Workflow and Business Process Manager - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2020-6503 MEDIUM
Google Chrome < 74.0.3729.108 - Information Disclosure via Accessibility Feature
CVSS 6.5
CVE-2020-4248 LOW
IBM Security Identity Governance and Intelligence 5.2.6 - Sensitive Information Exposure via Error Message
CVSS 2.7
CVE-2020-4357 MEDIUM
IBM Spectrum Scale 5.0.0.0-5.0.4.4 - Sensitive Information Exposure via Error Message
CVSS 4.3
CVE-2020-4085 MEDIUM
HCL Connections - Information Disclosure via Stack Trace
CVSS 6.5
CVE-2020-11883 MEDIUM
Divante vue-storefront-api and storefront-api - Information Disclosure via Error Stack Trace
CVSS 5.3
CVE-2020-4277 HIGH
IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 - Sensitive Information Exposure via Error Messages
CVSS 7.5
CVE-2020-6438 MEDIUM
Google Chrome < 81.0.4044.92 - Sensitive Information Exposure via Malicious Extension
CVSS 4.3
CVE-2020-4164 LOW
IBM Security Information Queue 1.0.0-1.0.5 - Sensitive Information Exposure via Error Messages
CVSS 2.7
CVE-2020-11594 HIGH
CIPPlanner CIPAce < 9.1 - Unauthenticated Sensitive Information Exposure via Stack Error
CVSS 7.5
CVE-2020-4239 MEDIUM
IBM Tivoli Netcool Impact 7.1.0.0-7.1.0.17 - Sensitive Information Exposure via Error Message
CVSS 5.3
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits