CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

334 vulnerabilities with CWE-497
CVE-2021-1235 MEDIUM
Cisco SD-WAN vManage Software - Info Disclosure
CVSS 5.5
CVE-2020-36926 HIGH
SmarterTrack 7922 - Info Disclosure
CVSS 7.5
CVE-2020-36922 HIGH
Sony BRAVIA Digital Signage <1.7.8 - Info Disclosure
CVSS 7.5
CVE-2020-25179 CRITICAL
Gehealthcare 3.0t Signa Hdxt Firmware - Information Disclosure
CVSS 9.8
CVE-2020-26076 HIGH
Cisco IoT Field Network Director < 4.6.1 - Sensitive Database Information Exposure
CVSS 7.5
CVE-2019-25230 MEDIUM
Kentico Xperience - Info Disclosure
CVSS 4.3
CVE-2019-25228 MEDIUM
Kentico Xperience - Info Disclosure
CVSS 5.3
CVE-2019-10243 MEDIUM
Eclipse Kura < 4.0.0 - Sensitive Information Exposure via Web Server Version Disclosure
CVSS 5.3
CVE-2018-25358 HIGH
D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi
CVSS 7.5
Details
Vulnerabilities 334
Links
MITRE CWE Entry Search this CWE With Exploits