CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2024-45713 MEDIUM
SolarWinds Kiwi CatTools < 3.12 - Sensitive Data Exposure via Troubleshooting Mode
CVSS 5.1
CVE-2024-44762 MEDIUM
Webmin Usermin <2.100 - Info Disclosure
CVSS 5.3
CVE-2024-7038 LOW
open-webui 0.3.8 - Information Disclosure via Embedding Model Update Error Messages
CVSS 2.7
CVE-2024-47803 MEDIUM
Jenkins < 2.462.3 and < 2.479 - Sensitive Information Exposure in Error Messages
CVSS 4.3
CVE-2024-45817 HIGH
Xen >= 4.5.0 - Denial of Service via APIC Error Interrupt Deadlock
CVSS 7.3
CVE-2024-7426 MEDIUM
PeepSo < 6.4.6.0 - Unauthenticated Full Path Disclosure via sse.php
CVSS 5.3
CVE-2024-45384 MEDIUM
Apache Druid <30.0.0 - Padding Oracle
CVSS 5.3
CVE-2024-6544 MEDIUM
Custom Post Limits <4.4.1 - Info Disclosure
CVSS 5.3
CVE-2024-5435 MEDIUM
GitLab 15.10.0-17.1.6, 17.2.0-17.2.4, 17.3.0-17.3.1 - Sensitive Information Disclosure
CVSS 4.5
CVE-2024-8571 LOW
erjemin roll_cms - Information Exposure Through Error Message in views.py
CVSS 3.5
CVE-2024-7415 MEDIUM
Remember Me Controls <= 2.0.1 - Unauthenticated Full Path Disclosure via bootstrap.php
CVSS 5.3
CVE-2024-6551 MEDIUM
GiveWP - Donation Plugin <3.15.1 - Info Disclosure
CVSS 5.3
CVE-2024-45440 MEDIUM
Drupal 10.3.0-10.3.5 - Full Path Disclosure via Missing hash_salt File
CVSS 5.3
CVE-2024-41674 MEDIUM
CKAN 2.0-2.10.4 - Sensitive Information Exposure via Solr Error Message
CVSS 5.3
CVE-2024-43376 MEDIUM
Umbraco CMS 14.0.0-14.1.1 - Sensitive Information Exposure via Management API Error Messages
CVSS 4.3
CVE-2024-39751 MEDIUM
IBM InfoSphere Information Server 11.7 - Sensitive Information Exposure via Detailed Error Messages
CVSS 4.3
CVE-2024-6980 CRITICAL
Bitdefender GravityZone < 6.38.1-5 - Server-Side Request Forgery via Proxy Service Error Handling
CVSS 9.8
CVE-2024-5250 LOW
Akana API Platform < 2024.1.0 - Information Disclosure via SAML Error Messages
CVSS 3.5
CVE-2024-6984 HIGH
Juju 2.9-2.9.49 - Sensitive Information Exposure via Context ID Leak
CVSS 8.8
CVE-2024-3454 LOW
Matter 1.2 - Information Disclosure via Fabric Device Footprinting
CVSS 3.5
CVE-2024-39737 MEDIUM
IBM Datacap Navigator 9.1.5-9.1.9 - Sensitive Information Exposure via Error Message
CVSS 5.4
CVE-2024-6613 MEDIUM
Firefox and Thunderbird < 128 - Information Disclosure via WASM Frame Iterator
CVSS 5.5
CVE-2024-35119 MEDIUM
IBM InfoSphere Information Server 11.7 - Sensitive Information Exposure via Stack Trace Error Message
CVSS 5.3
CVE-2024-35156 MEDIUM
IBM MQ 9.3.0.0-9.3.0.19 and 9.3.0.0-9.3.9.9 - Information Disclosure via Error Message
CVSS 6.5
CVE-2024-35155 MEDIUM
IBM MQ Console 9.3 LTS and 9.3 CD - Sensitive Information Exposure via Detailed Error Messages
CVSS 6.5
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits