Common Weakness Enumeration

CWE-497

Allowed

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Abstraction: Base · Status: Incomplete

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

669 vulnerabilities reference this CWE, most recent first.

GHSA-45Q7-XHFM-XQJP

Vulnerability from github – Published: 2025-01-15 15:31 – Updated: 2025-01-15 15:31
VLAI
Details

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-11029"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-15T13:15:08Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.",
  "id": "GHSA-45q7-xhfm-xqjp",
  "modified": "2025-01-15T15:31:24Z",
  "published": "2025-01-15T15:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11029"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:0334"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-11029"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325557"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-48Q3-PRGV-GM4W

Vulnerability from github – Published: 2025-07-10 16:50 – Updated: 2025-07-10 19:22
VLAI
Summary
Parse Server exposes the data schema via GraphQL API
Details

Impact

The Parse Server GraphQL API previously allowed public access to the GraphQL schema without requiring a session token or the master key. While schema introspection reveals only metadata and not actual data, this metadata can still expand the potential attack surface.

Patches

The issue has been addressed by requiring the master key for schema introspection. Additionally, a new Parse Server configuration option, graphQLPublicIntrospection, has been introduced. This option allows developers to re-enable public schema introspection if their application relies on it. However, it is strongly recommended to use this option only temporarily and to update the application to function without depending on public introspection.

Workarounds

None available.

References

  • GitHub security advisory: https://github.com/parse-community/parse-server/security/advisories/GHSA-48q3-prgv-gm4w
  • Fix for Parse Server 7: https://github.com/parse-community/parse-server/pull/9820
  • Fix for Parse Server 8: https://github.com/parse-community/parse-server/pull/9819
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "parse-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "parse-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.3.0"
            },
            {
              "fixed": "7.5.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-53364"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-10T16:50:36Z",
    "nvd_published_at": "2025-07-10T16:15:24Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nThe Parse Server GraphQL API previously allowed public access to the GraphQL schema without requiring a session token or the master key. While schema introspection reveals only metadata and not actual data, this metadata can still expand the potential attack surface.\n\n### Patches\n\nThe issue has been addressed by requiring the master key for schema introspection. Additionally, a new Parse Server configuration option, `graphQLPublicIntrospection`, has been introduced. This option allows developers to re-enable public schema introspection if their application relies on it. However, it is strongly recommended to use this option only temporarily and to update the application to function without depending on public introspection.\n\n### Workarounds\n\nNone available.\n\n### References\n\n- GitHub security advisory: https://github.com/parse-community/parse-server/security/advisories/GHSA-48q3-prgv-gm4w\n- Fix for Parse Server 7: https://github.com/parse-community/parse-server/pull/9820\n- Fix for Parse Server 8: https://github.com/parse-community/parse-server/pull/9819",
  "id": "GHSA-48q3-prgv-gm4w",
  "modified": "2025-07-10T19:22:40Z",
  "published": "2025-07-10T16:50:36Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/parse-community/parse-server/security/advisories/GHSA-48q3-prgv-gm4w"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53364"
    },
    {
      "type": "WEB",
      "url": "https://github.com/parse-community/parse-server/pull/9819"
    },
    {
      "type": "WEB",
      "url": "https://github.com/parse-community/parse-server/pull/9820"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/parse-community/parse-server"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Parse Server exposes the data schema via GraphQL API"
}

GHSA-48WM-29G7-W3QW

Vulnerability from github – Published: 2025-08-19 21:30 – Updated: 2025-08-19 21:30
VLAI
Details

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2988"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-19T20:15:30Z",
    "severity": "LOW"
  },
  "details": "IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.",
  "id": "GHSA-48wm-29g7-w3qw",
  "modified": "2025-08-19T21:30:37Z",
  "published": "2025-08-19T21:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2988"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7242391"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4CQQ-M3QG-HQ7M

Vulnerability from github – Published: 2026-04-08 09:31 – Updated: 2026-04-13 18:30
VLAI
Details

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2.7.16.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-39536"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-08T09:16:26Z",
    "severity": "MODERATE"
  },
  "details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through \u003c= 2.7.16.",
  "id": "GHSA-4cqq-m3qg-hq7m",
  "modified": "2026-04-13T18:30:38Z",
  "published": "2026-04-08T09:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39536"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/rsvp/vulnerability/wordpress-rsvp-and-event-management-plugin-2-7-16-sensitive-data-exposure-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4F42-626F-CQM7

Vulnerability from github – Published: 2025-12-12 21:31 – Updated: 2025-12-16 00:30
VLAI
Details

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-43406"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-12T21:15:54Z",
    "severity": "MODERATE"
  },
  "details": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.",
  "id": "GHSA-4f42-626f-cqm7",
  "modified": "2025-12-16T00:30:28Z",
  "published": "2025-12-12T21:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43406"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125634"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4F69-VPC6-QRX2

Vulnerability from github – Published: 2024-07-03 18:47 – Updated: 2024-07-03 18:47
VLAI
Details

Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-5735"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-28T12:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder.\u00a0This issue affects AdmirorFrames: before 5.0.",
  "id": "GHSA-4f69-vpc6-qrx2",
  "modified": "2024-07-03T18:47:18Z",
  "published": "2024-07-03T18:47:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5735"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vasiljevski/admirorframes/issues/3"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2024/06/CVE-2024-5735"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/posts/2024/06/CVE-2024-5735"
    },
    {
      "type": "WEB",
      "url": "https://github.com/afine-com/CVE-2024-5735"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sectroyer/CVEs/tree/main/CVE-2024-5735"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:L/U:Green",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-4GRG-84CR-6C2H

Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2025-10-22 00:32
VLAI
Details

Windows Kernel Information Disclosure Vulnerability

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31955"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-08T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Windows Kernel Information Disclosure Vulnerability",
  "id": "GHSA-4grg-84cr-6c2h",
  "modified": "2025-10-22T00:32:13Z",
  "published": "2022-05-24T19:04:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31955"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31955"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31955"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4GV4-7PHC-2JW7

Vulnerability from github – Published: 2022-12-08 21:30 – Updated: 2022-12-12 15:30
VLAI
Details

Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository lirantal/daloradius prior to master branch.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-4366"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497",
      "CWE-668",
      "CWE-862"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-08T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository lirantal/daloradius prior to master branch.",
  "id": "GHSA-4gv4-7phc-2jw7",
  "modified": "2022-12-12T15:30:30Z",
  "published": "2022-12-08T21:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4366"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lirantal/daloradius/commit/3d11f375a76ddb3741200296e15f81d82dfb80ce"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/f225d69a-d971-410d-a8f9-b0026143aed8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4H55-M33H-988R

Vulnerability from github – Published: 2022-05-24 17:39 – Updated: 2022-05-24 17:39
VLAI
Details

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system. The vulnerability is due to insufficient user authorization. An attacker could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read database files from the filesystem of the underlying operating system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-1235"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-20T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "\n A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read sensitive database files on an affected system.\n The vulnerability is due to insufficient user authorization. An attacker could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read database files from the filesystem of the underlying operating system.\n ",
  "id": "GHSA-4h55-m33h-988r",
  "modified": "2022-05-24T17:39:37Z",
  "published": "2022-05-24T17:39:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1235"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vinfdis-MC8L58dj"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-4HPQ-5JRV-896M

Vulnerability from github – Published: 2024-12-09 15:31 – Updated: 2026-04-01 18:32
VLAI
Details

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Analytify.This issue affects Analytify: from n/a through 5.4.3.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-53814"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-09T14:15:12Z",
    "severity": "MODERATE"
  },
  "details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Analytify.This issue affects Analytify: from n/a through 5.4.3.",
  "id": "GHSA-4hpq-5jrv-896m",
  "modified": "2026-04-01T18:32:42Z",
  "published": "2024-12-09T15:31:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53814"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/wp-analytify/vulnerability/wordpress-analytify-plugin-5-4-3-broken-access-control-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Production applications should never use methods that generate internal details such as stack traces and error messages unless that information is directly committed to a log that is not viewable by the end user. All error message text should be HTML entity encoded before being written to the log file to protect against potential cross-site scripting attacks against the viewer of the logs

CAPEC-170: Web Application Fingerprinting

An attacker sends a series of probes to a web application in order to elicit version-dependent and type-dependent behavior that assists in identifying the target. An attacker could learn information such as software versions, error pages, and response headers, variations in implementations of the HTTP protocol, directory structures, and other similar information about the targeted service. This information can then be used by an attacker to formulate a targeted attack plan. While web application fingerprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.

CAPEC-694: System Location Discovery

An adversary collects information about the target system in an attempt to identify the system's geographical location.

Information gathered could include keyboard layout, system language, and timezone. This information may benefit an adversary in confirming the desired target and/or tailoring further attacks.