CWE-497
AllowedExposure of Sensitive System Information to an Unauthorized Control Sphere
Abstraction: Base · Status: Incomplete
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.
669 vulnerabilities reference this CWE, most recent first.
GHSA-G42V-Q2PR-GWFV
Vulnerability from github – Published: 2024-12-03 18:31 – Updated: 2024-12-03 18:31IBM Cognos Controller 11.0.0 and 11.0.1
exposes server details that could allow an attacker to obtain information of the application environment to conduct further attacks.
{
"affected": [],
"aliases": [
"CVE-2024-25035"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-03T17:15:09Z",
"severity": "MODERATE"
},
"details": "IBM Cognos Controller 11.0.0 and 11.0.1 \n\n\n\nexposes server details that could allow an attacker to obtain information of the application environment to conduct further attacks.",
"id": "GHSA-g42v-q2pr-gwfv",
"modified": "2024-12-03T18:31:03Z",
"published": "2024-12-03T18:31:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25035"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7177220"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-G629-P7X4-5X6R
Vulnerability from github – Published: 2024-05-02 18:30 – Updated: 2026-04-08 18:33The Analytify – Google Analytics Dashboard For WordPress (GA4 analytics made easy) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it possible for authenticated attackers, with subscriber access and higher, to obtain certain sensitive information related to plugin settings.
{
"affected": [],
"aliases": [
"CVE-2024-1809"
],
"database_specific": {
"cwe_ids": [
"CWE-497",
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-02T17:15:13Z",
"severity": "MODERATE"
},
"details": "The Analytify \u2013 Google Analytics Dashboard For WordPress (GA4 analytics made easy) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on AJAX functions in combination with nonce leakage in all versions up to, and including, 5.2.3. This makes it possible for authenticated attackers, with subscriber access and higher, to obtain certain sensitive information related to plugin settings.",
"id": "GHSA-g629-p7x4-5x6r",
"modified": "2026-04-08T18:33:02Z",
"published": "2024-05-02T18:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1809"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3072410%40wp-analytify%2Ftrunk\u0026old=3024819%40wp-analytify%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a659071-df11-4318-86c2-7881163c8b62?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-G693-V3JR-8HCR
Vulnerability from github – Published: 2025-07-28 03:31 – Updated: 2025-07-28 15:53Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-w5vr-6qhr-36cc. This link is maintained to preserve external references.
Original Description
The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key.
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "ed25519-dalek"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-28T15:53:19Z",
"nvd_published_at": "2025-07-28T02:15:24Z",
"severity": "MODERATE"
},
"details": "### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-w5vr-6qhr-36cc. This link is maintained to preserve external references.\n\n### Original Description\nThe ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key.",
"id": "GHSA-g693-v3jr-8hcr",
"modified": "2025-07-28T15:53:19Z",
"published": "2025-07-28T03:31:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50237"
},
{
"type": "WEB",
"url": "https://crates.io/crates/ed25519-dalek"
},
{
"type": "WEB",
"url": "https://github.com/MystenLabs/ed25519-unsafe-libs"
},
{
"type": "WEB",
"url": "https://rustsec.org/advisories/RUSTSEC-2022-0093.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Duplicate Advisory: `ed25519-dalek` Double Public Key Signing Function Oracle Attack",
"withdrawn": "2025-07-28T15:53:19Z"
}
GHSA-G7GV-3436-VXJ2
Vulnerability from github – Published: 2024-11-22 12:39 – Updated: 2025-08-15 18:31IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the HMC can locate and through a series of service procedures decrypt data contained in the Platform KeyStore.
{
"affected": [],
"aliases": [
"CVE-2024-41781"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-22T12:15:19Z",
"severity": "MODERATE"
},
"details": "IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60,\u00a0FW1050.00 through\u00a0FW1050.20, and FW1060.00 through FW1060.10\u00a0functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the HMC can locate and through a series of service procedures decrypt data contained in the Platform KeyStore.",
"id": "GHSA-g7gv-3436-vxj2",
"modified": "2025-08-15T18:31:07Z",
"published": "2024-11-22T12:39:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41781"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7172698"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GC5R-VCQV-P3F2
Vulnerability from github – Published: 2025-12-24 15:30 – Updated: 2026-01-20 15:32Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Virusdie Virusdie virusdie allows Retrieve Embedded Sensitive Data.This issue affects Virusdie: from n/a through <= 1.1.6.
{
"affected": [],
"aliases": [
"CVE-2025-68576"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-24T13:16:24Z",
"severity": "HIGH"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Virusdie Virusdie virusdie allows Retrieve Embedded Sensitive Data.This issue affects Virusdie: from n/a through \u003c= 1.1.6.",
"id": "GHSA-gc5r-vcqv-p3f2",
"modified": "2026-01-20T15:32:40Z",
"published": "2025-12-24T15:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68576"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/virusdie/vulnerability/wordpress-virusdie-plugin-1-1-6-sensitive-data-exposure-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/virusdie/vulnerability/wordpress-virusdie-plugin-1-1-6-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GF3X-CWP4-JGFV
Vulnerability from github – Published: 2026-06-15 21:30 – Updated: 2026-06-15 21:30Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions.
{
"affected": [],
"aliases": [
"CVE-2026-49066"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-15T21:17:19Z",
"severity": "HIGH"
},
"details": "Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway \u003c= 6.0.0 versions.",
"id": "GHSA-gf3x-cwp4-jgfv",
"modified": "2026-06-15T21:30:49Z",
"published": "2026-06-15T21:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49066"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/conekta-payment-gateway/vulnerability/wordpress-conekta-payment-gateway-plugin-6-0-0-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GFW9-FFGQ-6HWC
Vulnerability from github – Published: 2025-06-27 15:31 – Updated: 2026-04-28 21:35Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roland Beaussant Audio Editor & Recorder allows Retrieve Embedded Sensitive Data. This issue affects Audio Editor & Recorder: from n/a through 2.2.3.
{
"affected": [],
"aliases": [
"CVE-2025-53211"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-27T14:15:44Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roland Beaussant Audio Editor \u0026amp; Recorder allows Retrieve Embedded Sensitive Data. This issue affects Audio Editor \u0026amp; Recorder: from n/a through 2.2.3.",
"id": "GHSA-gfw9-ffgq-6hwc",
"modified": "2026-04-28T21:35:42Z",
"published": "2025-06-27T15:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53211"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/audio-editor-recorder/vulnerability/wordpress-audio-editor-recorder-plugin-2-2-3-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GHHG-X4V7-V6CR
Vulnerability from github – Published: 2025-12-30 12:30 – Updated: 2026-01-20 15:32Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Aethonic Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins & WooCommerce Sales poptics allows Retrieve Embedded Sensitive Data.This issue affects Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins & WooCommerce Sales: from n/a through <= 1.0.20.
{
"affected": [],
"aliases": [
"CVE-2025-69025"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-30T11:16:01Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Aethonic Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins \u0026amp; WooCommerce Sales poptics allows Retrieve Embedded Sensitive Data.This issue affects Poptics: AI-Powered Popup Builder for Lead Generation, Conversions, Exit-Intent, Email Opt-ins \u0026amp; WooCommerce Sales: from n/a through \u003c= 1.0.20.",
"id": "GHSA-ghhg-x4v7-v6cr",
"modified": "2026-01-20T15:32:46Z",
"published": "2025-12-30T12:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69025"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/poptics/vulnerability/wordpress-poptics-ai-powered-popup-builder-for-lead-generation-conversions-exit-intent-email-opt-ins-woocommerce-sales-plugin-1-0-20-sensitive-data-exposure-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/poptics/vulnerability/wordpress-poptics-ai-powered-popup-builder-for-lead-generation-conversions-exit-intent-email-opt-ins-woocommerce-sales-plugin-1-0-20-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GPJ4-P4VM-JMRR
Vulnerability from github – Published: 2026-02-17 21:31 – Updated: 2026-02-17 21:31IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system.
{
"affected": [],
"aliases": [
"CVE-2025-13691"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-17T21:22:13Z",
"severity": "HIGH"
},
"details": "IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system.",
"id": "GHSA-gpj4-p4vm-jmrr",
"modified": "2026-02-17T21:31:14Z",
"published": "2026-02-17T21:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13691"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7259956"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GPR8-P742-HW62
Vulnerability from github – Published: 2026-06-16 15:33 – Updated: 2026-06-16 15:33A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be leveraged by an attacker to construct malicious packets, leading to Denial-of-Service.
{
"affected": [],
"aliases": [
"CVE-2026-9307"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-16T15:16:45Z",
"severity": "MODERATE"
},
"details": "A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The\u00a0controller\u0027s\u00a0web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be\u00a0leveraged\u00a0by an attacker to construct malicious packets, leading to Denial-of-Service.",
"id": "GHSA-gpr8-p742-hw62",
"modified": "2026-06-16T15:33:51Z",
"published": "2026-06-16T15:33:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9307"
},
{
"type": "WEB",
"url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1776.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation
Production applications should never use methods that generate internal details such as stack traces and error messages unless that information is directly committed to a log that is not viewable by the end user. All error message text should be HTML entity encoded before being written to the log file to protect against potential cross-site scripting attacks against the viewer of the logs
CAPEC-170: Web Application Fingerprinting
An attacker sends a series of probes to a web application in order to elicit version-dependent and type-dependent behavior that assists in identifying the target. An attacker could learn information such as software versions, error pages, and response headers, variations in implementations of the HTTP protocol, directory structures, and other similar information about the targeted service. This information can then be used by an attacker to formulate a targeted attack plan. While web application fingerprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
CAPEC-694: System Location Discovery
An adversary collects information about the target system in an attempt to identify the system's geographical location.
Information gathered could include keyboard layout, system language, and timezone. This information may benefit an adversary in confirming the desired target and/or tailoring further attacks.