CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2020-5274 MEDIUM
Symfony 4.4.0-4.4.4 - Information Disclosure via Unescaped Exception Properties
CVSS 4.6
CVE-2020-10097 MEDIUM
Zammad 3.0-3.2 - Sensitive Information Disclosure via Verbose Error Messages
CVSS 5.3
CVE-2020-9351 MEDIUM
SmartClient 12.0 - Unauthenticated Sensitive Information Exposure via Malformed XML in _transaction Parameter
CVSS 5.3
CVE-2020-6189 MEDIUM
SAP BusinessObjects <4.2 - Info Disclosure
CVSS 5.3
CVE-2020-7231 MEDIUM
Evoko Home - Username Enumeration via Login Error Message
CVSS 5.3
CVE-2019-18947 LOW
Micro Focus Solutions Business Manager Application Repository <11.7...
CVSS 3.5
CVE-2019-4547 MEDIUM
IBM Security Directory Server 6.4.0 - Info Disclosure
CVSS 5.3
CVE-2019-4699 LOW
IBM Security Guardium Data Encryption <3.0.0.2 - Info Disclosure
CVSS 2.7
CVE-2019-11252 MEDIUM
Kubernetes 1.0.0-1.16.0 - Credential Leakage via AzureFile and CephFS Mount Failure Logs
CVSS 5.9
CVE-2019-18865 MEDIUM
Blaauw Remote Kiln Control <v3.00r4 - Info Disclosure
CVSS 5.3
CVE-2019-12864 MEDIUM
SolarWinds Orion Platform 2018.4 HF3 - Information Leakage via Error Stack Trace
CVSS 5.5
CVE-2019-4729 MEDIUM
IBM Cognos Analytics <11.2 - Info Disclosure
CVSS 4.3
CVE-2019-4593 MEDIUM
IBM QRadar <7.3.4 - Info Disclosure
CVSS 4.3
CVE-2019-4601 MEDIUM
IBM Quality Manager - Info Disclosure
CVSS 4.3
CVE-2019-4619 MEDIUM
IBM MQ 7.1-7.5, 8.0-8.0.0.13, 9.0-9.0.0.8, 9.1-9.1.3 & Appliance 8.0-8.0.0.13, 9.1-9.1.3 - Sensitive Info Exposure
CVSS 5.5
CVE-2019-12446 HIGH
GitLab 8.3.0-11.11.0 - Information Exposure via Error Message
CVSS 7.5
CVE-2019-19993 MEDIUM
Selesta Visual Access Manager 4.15.0-4.29.0 - Unauthenticated Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2019-4583 MEDIUM
IBM Maximo Asset Mgmt <7.6.1.1 - Info Disclosure
CVSS 4.3
CVE-2019-4636 LOW
IBM Security Secret Server <10.7 - Info Disclosure
CVSS 2.7
CVE-2019-19806 MEDIUM
YetiShare 3.5.2-4.5.3 - Account Enumeration via Forgot Password Email Check
CVSS 5.3
CVE-2019-19342 MEDIUM
Ansible Tower <3.6.2, <3.5.4 - Info Disclosure
CVSS 5.3
CVE-2019-0404 HIGH
SAP Enable Now < 1911 - Information Disclosure via Server Error Messages
CVSS 7.5
CVE-2019-16768 LOW
Sylius <1.3.13-1.5.6 - Info Disclosure
CVSS 3.5
CVE-2019-13697 MEDIUM
Google Chrome <77.0.3865.120 - Info Disclosure
CVSS 6.5
CVE-2019-4570 MEDIUM
IBM Tivoli Netcool Impact <7.1.0.17 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits