CWE-200 - Information exposure

Description

    This weakness describes intentional or unintentional disclosure of information that is considered sensitive. First of all it affects confidentiality of data.
    The information is considered sensitive when:
    It is sensitive within the product functionality (e.g. information with restricted access, private messages, etc.)
    It contains data about the product itself, its environment or the related system that is not intended be disclosed by the application.
The vulnerability is introduced during Architecture and Design, Implementation stages.


Latest vulnerabilities for CWE-200

Multiple vulnerabilities in cPanel EasyApache 2025-02-20
High Yes
Multiple vulnerabilities in HPE Aruba Networking ClearPass Policy Manager (CPPM) 2025-02-20
Medium Yes
Information disclosure in Cisco Video Phone 8875 and Desk Phone 9800 Series 2025-02-20
Low Yes
Multiple vulnerabilities in GRUB2 2025-02-19
Low Yes
Multiple vulnerabilities in Moodle 2025-02-18
High Yes
Multiple vulnerabilities in IBM Dynamic System Analysis (DSA) Preboot 2025-02-14
Medium Yes Public exploit
Multiple vulnerabilities in IBM Flex System Chassis Management Module (CMM) 2025-02-14
Medium Yes Public exploit
Multiple vulnerabilities in IBM SPSS Collaboration and Deployment Services 2025-02-14
Medium Yes Public exploit
Multiple vulnerabilities in IBM Dynamic System Analysis (DSA) Preboot 2025-02-13
Low Yes
Multiple vulnerabilities in Open Social module for Drupal 2025-02-13
Medium Yes

References

Description of CWE-200 on Mitre website