Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-497

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

333 vulnerabilities with CWE-497

CVE-2024-39740 MEDIUM

IBM Datacap Navigator <9.1.10 - Info Disclosure

CVE-2024-39675 HIGH

RUGGEDCOM <V4.3.10 - Path Traversal

CVE-2024-31223 MEDIUM

Fides 2.19.0-2.39.2rc0 - Unauthenticated Exposure of Sensitive System Information via SERVER_SIDE_FIDES_API_URL

CVE-2024-5735 HIGH

AdmirorFrames <5.0 - Info Disclosure

CVE-2024-6388 MEDIUM

Ubuntu Advantage Desktop Daemon <1.12 - Info Disclosure

CVE-2024-4008 CRITICAL

ABB FTS Display and BCU - KNX Bus Control via FDSK Leak

CVE-2024-36070 HIGH

tine < 2023.11.8 - Unauthenticated Sensitive Information Exposure via Setup.php

CVE-2024-1809 MEDIUM

Analytify < 5.2.3 - Authenticated Sensitive Information Exposure via AJAX

CVE-2024-31887 HIGH

IBM Security Verify Privilege <11.6.25 - Info Disclosure

CVE-2024-3774 MEDIUM

aEnrich a+HRD - Unauthenticated Sensitive Information Exposure via System Configuration Parameter

CVE-2024-31419 MEDIUM

OpenShift Virtualization - Info Disclosure

CVE-2024-0053 LOW

Android - Local Information Disclosure via PrintManagerService getCustomPrinterIcon

CVE-2024-25634 HIGH

alf.io <2.0-Mr-2402 - Info Disclosure

CVE-2024-22125 HIGH

Microsoft Edge <1.0 - Info Disclosure

CVE-2024-22124 MEDIUM

SAP NetWeaver ICM and Web Dispatcher - Exposure of Sensitive System Information

CVE-2023-37525 MEDIUM

HCL BigFix Compliance - Unauthenticated Sensitive Information Disclosure via WEB-INF Directory Access

CVE-2023-23472 LOW

IBM InfoSphere DataStage Flow Designer - Info Disclosure

CVE-2023-42010 LOW

IBM Sterling B2B Integrator <6.1.2.5, <6.2.0.2 - Info Disclosure

CVE-2023-50180 MEDIUM

FortiADC <= 7.4.1, <= 7.2.3, <= 7.1.4, <= 7.0.5, < 6.2.6 - Exposure of Sensitive System Information

CVE-2023-4605 MEDIUM

Lenovo XClarity Administrator - Info Disclosure

CVE-2023-50959 MEDIUM

IBM Cloud Pak for Business Automation <23.0.2 - Info Disclosure

CVE-2023-5081 LOW

Lenovo Tab M8 HD Firmware - Information Disclosure via Non-Resettable Device Identifier

CVE-2023-41366 MEDIUM

SAP NetWeaver Application Server ABAP - Info Disclosure

CVE-2023-34209 MEDIUM

EasyUse MailHunter Ultimate <2023 - Info Disclosure

CVE-2023-4237 HIGH

Ansible Automation Platform - Info Disclosure

Previous Page 12 of 14 Next

Details

Vulnerabilities 333

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy