Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-497

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

334 vulnerabilities with CWE-497

CVE-2023-4237 HIGH

Ansible Automation Platform - Info Disclosure

CVE-2023-20111 MEDIUM

Cisco Identity Services Engine - Authenticated Exposure of Sensitive System Information via Web Management Interface

CVE-2023-37487 MEDIUM

SAP Business One (Service Layer) - version 10.0 - Info Disclosure

CVE-2023-0342 LOW

MongoDB Ops Manager <5.0.21, <6.0.12 - Info Disclosure

CVE-2023-2541 MEDIUM

KNIME Business Hub <1.4.0 - Info Disclosure

CVE-2023-32550 CRITICAL

Landscape < 19.10.5 - Sensitive Information Exposure via Server-Status Page

CVE-2023-0005 MEDIUM

Palo Alto Networks PAN-OS - Info Disclosure

CVE-2022-4985 HIGH

Vodafone H500s <3.5.10 - Info Disclosure

CVE-2022-50237 MEDIUM

ed25519-dalek < 2.0.0 - Private Key Exposure via Double Public Key Signing Oracle

CVE-2022-43852 MEDIUM

IBM Aspera Console <3.4.4 - Info Disclosure

CVE-2022-4968 MEDIUM

netplan < 1.0.1 - Exposure of Sensitive System Information via WireGuard Private Key Leak

CVE-2022-34458 MEDIUM

Dell Command | Update <4.7 - Info Disclosure

CVE-2022-38710 MEDIUM

IBM Robotic Process Automation <21.0.2 - Info Disclosure

CVE-2022-2403 MEDIUM

OpenShift >=4.9 - Authenticated Credentials Leak via oauth-serving-cert ConfigMap

CVE-2022-1902 HIGH

Red Hat Advanced Cluster Security - Privilege Escalation

CVE-2022-20664 HIGH

Cisco Secure Email and Web Manager - Info Disclosure

CVE-2022-20734 MEDIUM

Cisco SD-WAN vManage Software - Info Disclosure

CVE-2022-28651 HIGH

JetBrains IntelliJ IDEA <2021.3.3 - Info Disclosure

CVE-2021-1234 MEDIUM

Cisco SD-WAN vManage - Info Disclosure

CVE-2021-0291 MEDIUM

Juniper Networks Junos OS/Junos OS Evolved - Info Disclosure

CVE-2021-31955 MEDIUM KEV

Windows 10 1809-21H1 and Windows Server 2019-20H2 - Kernel Information Disclosure

CVE-2021-1544 MEDIUM

Cisco Webex Meetings - Info Disclosure

CVE-2021-23135 MEDIUM

Argo CD <1.8.7, <1.7.14 - Info Disclosure

CVE-2021-1535 MEDIUM

Cisco SD-WAN vManage - Info Disclosure

CVE-2021-0260 HIGH

Juniper Networks Junos OS <17.3R3-S9 - Info Disclosure

Previous Page 13 of 14 Next

Details

Vulnerabilities 334

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy