Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-497

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

333 vulnerabilities with CWE-497

CVE-2024-52367 MEDIUM

IBM Concert Software <1.0.4 - Info Disclosure

CVE-2024-12993 MEDIUM

Infinix Mobile com.rlk.weathers - Unauthenticated Exposure of Sensitive Location Data via Unsecured Content Provider

CVE-2024-52321 MEDIUM

Sharp home 5G HR02 < S5.82.00 - Unauthenticated Exposure of Sensitive System Information via Configuration Backup

CVE-2024-54279 HIGH

WP-NERD Toolkit <= 1.1 - Sensitive System Information Exposure

CVE-2024-32732 MEDIUM

SAP BusinessObjects - Info Disclosure

CVE-2024-53814 MEDIUM

Analytify < 5.4.3 - Exposure of Sensitive System Information

CVE-2024-53867 MEDIUM

matrix-synapse 1.113.0rc1-1.120.0 - Exposure of Sensitive Room State Information via Sliding Sync

CVE-2024-25035 MEDIUM

IBM Cognos Controller <11.0.2 - Info Disclosure

CVE-2024-53768 MEDIUM

IDE Interactive Content Audit Exporter <1.1 - Info Disclosure

CVE-2024-22037 MEDIUM

uyuni-server-attestation - Info Disclosure

CVE-2024-10240 MEDIUM

GitLab EE <17.3.7-17.5.2 - Info Disclosure

CVE-2024-9929 MEDIUM

Hitachi Energy NSD570 <1.20 Authenticated Sensitive Info Exposure via Logs

CVE-2024-41781 MEDIUM

IBM PowerVM Hypervisor - Info Disclosure

CVE-2024-52033 MEDIUM

Rakuten Turbo 5G <V1.3.18 - Info Disclosure

CVE-2024-37070 MEDIUM

IBM Concert Software <1.0.3 - Info Disclosure

CVE-2024-52582 MEDIUM

Cachi2 < 0.14.0 - Exposure of Sensitive System Information via Exception Logging

CVE-2024-36509 MEDIUM

FortiWeb 6.3.0-6.3.23, 7.0.0-7.0.10, 7.2.0-7.2.10, 7.4.0-7.4.3, 7.6.0 - Sensitive Info Exposure via Log Access

CVE-2024-47799 LOW

Mesh Wi-Fi router RP562B <v1.0.2 - Info Disclosure

CVE-2024-50528 HIGH

Stacks Mobile App Builder <5.2.3 - Info Disclosure

CVE-2024-50425 MEDIUM

WP Booking System <= 2.0.19.10 - Exposure of Sensitive System Information

CVE-2024-48024 HIGH

Fahad Mahmood Keep Backup Daily <2.0.7 - Info Disclosure

CVE-2024-49252 MEDIUM

Leyka <= 3.31.6 - Exposure of Sensitive System Information

CVE-2024-9470 MEDIUM

Cortex XSOAR 6.12.0-6.12.0 (Build 1271551), 6.13.0+, 8.0.0+ - Unauthorized Incident Data Exposure

CVE-2024-6389 MEDIUM

GitLab-CE/EE <17.1.7, <17.2.5, <17.3.2 - Info Disclosure

CVE-2024-8687 HIGH

Palo Alto Networks PAN-OS - Info Disclosure

Previous Page 11 of 14 Next

Details

Vulnerabilities 333

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy