Common Weakness Enumeration

CWE-497

Allowed

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Abstraction: Base · Status: Incomplete

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

669 vulnerabilities reference this CWE, most recent first.

GHSA-68J4-4QGV-952M

Vulnerability from github – Published: 2026-06-26 15:32 – Updated: 2026-06-26 15:32
VLAI
Details

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce <= 7.1.1 versions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-56060"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-26T15:16:45Z",
    "severity": "HIGH"
  },
  "details": "Unauthenticated Sensitive Data Exposure in Print Invoice \u0026 Delivery Notes for WooCommerce \u003c= 7.1.1 versions.",
  "id": "GHSA-68j4-4qgv-952m",
  "modified": "2026-06-26T15:32:16Z",
  "published": "2026-06-26T15:32:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56060"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/woocommerce-delivery-notes/vulnerability/wordpress-print-invoice-delivery-notes-for-woocommerce-plugin-7-1-1-sensitive-data-exposure-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6CR2-4MV6-V473

Vulnerability from github – Published: 2026-01-23 15:31 – Updated: 2026-01-27 00:31
VLAI
Details

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through <= 4.38.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-24536"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-23T15:16:09Z",
    "severity": "HIGH"
  },
  "details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through \u003c= 4.38.0.",
  "id": "GHSA-6cr2-4mv6-v473",
  "modified": "2026-01-27T00:31:13Z",
  "published": "2026-01-23T15:31:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24536"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/webpushr-web-push-notifications/vulnerability/wordpress-webpushr-plugin-4-38-0-sensitive-data-exposure-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6GHC-9QC9-QFM5

Vulnerability from github – Published: 2025-05-08 12:34 – Updated: 2025-08-25 15:31
VLAI
Details

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and <Checkmk 2.4.0b6 allows attacker to access files that could contain secrets.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3506"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-08T12:15:17Z",
    "severity": "MODERATE"
  },
  "details": "Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and \u003cCheckmk 2.4.0b6 allows attacker to access files that could contain secrets.",
  "id": "GHSA-6ghc-9qc9-qfm5",
  "modified": "2025-08-25T15:31:59Z",
  "published": "2025-05-08T12:34:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3506"
    },
    {
      "type": "WEB",
      "url": "https://checkmk.com/werk/17348"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6HWX-HVW3-R56G

Vulnerability from github – Published: 2026-04-01 21:30 – Updated: 2026-04-01 21:30
VLAI
Details

IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway could disclose sensitive system information from other domains to an administrative user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-36373"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-01T21:16:57Z",
    "severity": "MODERATE"
  },
  "details": "IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway could disclose sensitive system information from other domains to an administrative user.",
  "id": "GHSA-6hwx-hvw3-r56g",
  "modified": "2026-04-01T21:30:31Z",
  "published": "2026-04-01T21:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36373"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7267833"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6J5V-MRJ8-GC92

Vulnerability from github – Published: 2025-04-01 06:30 – Updated: 2026-04-01 18:34
VLAI
Details

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPBean Our Team Members. This issue affects Our Team Members: from n/a through 2.2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-30802"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-01T06:15:51Z",
    "severity": "MODERATE"
  },
  "details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPBean Our Team Members. This issue affects Our Team Members: from n/a through 2.2.",
  "id": "GHSA-6j5v-mrj8-gc92",
  "modified": "2026-04-01T18:34:17Z",
  "published": "2025-04-01T06:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30802"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/our-team-members/vulnerability/wordpress-our-team-members-plugin-2-2-sensitive-data-exposure-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6M4M-VFFW-M2RC

Vulnerability from github – Published: 2024-10-30 00:31 – Updated: 2026-04-01 18:32
VLAI
Details

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Veribo, Roland Murg WP Booking System.This issue affects WP Booking System: from n/a through 2.0.19.10.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50425"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-29T22:15:04Z",
    "severity": "MODERATE"
  },
  "details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Veribo, Roland Murg WP Booking System.This issue affects WP Booking System: from n/a through 2.0.19.10.",
  "id": "GHSA-6m4m-vffw-m2rc",
  "modified": "2026-04-01T18:32:14Z",
  "published": "2024-10-30T00:31:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50425"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/wp-booking-system/vulnerability/wordpress-wp-booking-system-plugin-2-0-19-10-broken-access-control-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/wp-booking-system/wordpress-wp-booking-system-plugin-2-0-19-10-broken-access-control-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6R95-J355-78W9

Vulnerability from github – Published: 2024-11-18 18:30 – Updated: 2024-11-18 18:30
VLAI
Details

A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode. This vulnerability is due to the absence of authentication for sensitive information in the cluster management interface. An attacker could exploit this vulnerability by sending a crafted request to the cluster management interface of an affected system. A successful exploit could allow the attacker to view sensitive information on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-1234"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-18T16:15:08Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the cluster management interface of Cisco\u0026nbsp;SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode.\nThis vulnerability is due to the absence of authentication for sensitive information in the cluster management interface. An attacker could exploit this vulnerability by sending a crafted request to the cluster management interface of an affected system. A successful exploit could allow the attacker to view sensitive information on the affected system.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.",
  "id": "GHSA-6r95-j355-78w9",
  "modified": "2024-11-18T18:30:57Z",
  "published": "2024-11-18T18:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1234"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vmaninfdis3-OvdR6uu8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6W5X-HR69-XX7V

Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30
VLAI
Details

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers can send requests to /my_cgi.cgi with table_name values like admin_user, wireless_settings, and wireless_security to extract administrative credentials and wireless network keys in clear text.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-25358"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-23T19:16:56Z",
    "severity": "HIGH"
  },
  "details": "D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers can send requests to /my_cgi.cgi with table_name values like admin_user, wireless_settings, and wireless_security to extract administrative credentials and wireless network keys in clear text.",
  "id": "GHSA-6w5x-hr69-xx7v",
  "modified": "2026-05-26T13:30:27Z",
  "published": "2026-05-26T13:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25358"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45002"
    },
    {
      "type": "WEB",
      "url": "https://www.packetlabs.net"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/d-link-dir601-2-02na-credential-disclosure-via-my-cgi-cgi"
    },
    {
      "type": "WEB",
      "url": "http://ca.dlink.com"
    },
    {
      "type": "WEB",
      "url": "http://support.dlink.ca/ProductInfo.aspx?m=DIR-601"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6XJP-685P-944F

Vulnerability from github – Published: 2026-06-09 18:31 – Updated: 2026-06-16 18:32
VLAI
Details

Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-0466"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-09T18:16:33Z",
    "severity": "MODERATE"
  },
  "details": "Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service.",
  "id": "GHSA-6xjp-685p-944f",
  "modified": "2026-06-16T18:32:29Z",
  "published": "2026-06-09T18:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0466"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9025.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6XVR-96W9-F64H

Vulnerability from github – Published: 2026-01-13 03:32 – Updated: 2026-01-13 03:32
VLAI
Details

Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-0494"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-13T02:15:51Z",
    "severity": "MODERATE"
  },
  "details": "Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted.",
  "id": "GHSA-6xvr-96w9-f64h",
  "modified": "2026-01-13T03:32:08Z",
  "published": "2026-01-13T03:32:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0494"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3655227"
    },
    {
      "type": "WEB",
      "url": "https://url.sap/sapsecuritypatchday"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Production applications should never use methods that generate internal details such as stack traces and error messages unless that information is directly committed to a log that is not viewable by the end user. All error message text should be HTML entity encoded before being written to the log file to protect against potential cross-site scripting attacks against the viewer of the logs

CAPEC-170: Web Application Fingerprinting

An attacker sends a series of probes to a web application in order to elicit version-dependent and type-dependent behavior that assists in identifying the target. An attacker could learn information such as software versions, error pages, and response headers, variations in implementations of the HTTP protocol, directory structures, and other similar information about the targeted service. This information can then be used by an attacker to formulate a targeted attack plan. While web application fingerprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.

CAPEC-694: System Location Discovery

An adversary collects information about the target system in an attempt to identify the system's geographical location.

Information gathered could include keyboard layout, system language, and timezone. This information may benefit an adversary in confirming the desired target and/or tailoring further attacks.