CWE-497
AllowedExposure of Sensitive System Information to an Unauthorized Control Sphere
Abstraction: Base · Status: Incomplete
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.
669 vulnerabilities reference this CWE, most recent first.
GHSA-PFG9-VJVH-F5RW
Vulnerability from github – Published: 2026-07-03 00:31 – Updated: 2026-07-03 00:31The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device log file available in the blob storage container.
{
"affected": [],
"aliases": [
"CVE-2026-55726"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-03T00:16:52Z",
"severity": "MODERATE"
},
"details": "The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device log file available in the blob storage container.",
"id": "GHSA-pfg9-vjvh-f5rw",
"modified": "2026-07-03T00:31:55Z",
"published": "2026-07-03T00:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-55726"
},
{
"type": "WEB",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-183-03.json"
},
{
"type": "WEB",
"url": "https://mygardyn.com/security"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-183-03"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-PFHV-4Q3R-34JW
Vulnerability from github – Published: 2025-05-27 15:31 – Updated: 2025-05-27 15:31Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnerability could reveal sensitive information while managing and configuring of the external services.
This issue affects Advanced Authentication versions before 6.5.
{
"affected": [],
"aliases": [
"CVE-2025-2236"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-27T15:15:32Z",
"severity": "LOW"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnerability could\u00a0reveal sensitive information while managing and configuring of the external services.\n\nThis issue affects Advanced Authentication versions before 6.5.",
"id": "GHSA-pfhv-4q3r-34jw",
"modified": "2025-05-27T15:31:28Z",
"published": "2025-05-27T15:31:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2236"
},
{
"type": "WEB",
"url": "https://portal.microfocus.com/s/article/KM000039947"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:X/V:C/RE:M/U:Red",
"type": "CVSS_V4"
}
]
}
GHSA-PGVC-6H2P-Q4F6
Vulnerability from github – Published: 2025-06-24 19:36 – Updated: 2025-06-28 00:06Impact
Via a request to an anonymously authenticated endpoint it's possible to retrieve information about the configured password requirements. The information available is limited but would perhaps give some additional detail useful for someone attempting to brute force derive a user's password.
The vulnerability can be found in the supported Umbraco versions 10 and 13. It was not exposed in Umbraco 7 or 8, nor in 14 or higher versions.
Patches
Patched in 10.8.11 and 13.9.2
{
"affected": [
{
"package": {
"ecosystem": "NuGet",
"name": "Umbraco.Cms"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0"
},
{
"fixed": "10.8.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Umbraco.Cms"
},
"ranges": [
{
"events": [
{
"introduced": "13.0.0"
},
{
"fixed": "13.9.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-49147"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": true,
"github_reviewed_at": "2025-06-24T19:36:32Z",
"nvd_published_at": "2025-06-24T18:15:25Z",
"severity": "MODERATE"
},
"details": "### Impact\nVia a request to an anonymously authenticated endpoint it\u0027s possible to retrieve information about the configured password requirements. The information available is limited but would perhaps give some additional detail useful for someone attempting to brute force derive a user\u0027s password.\n\nThe vulnerability can be found in the supported Umbraco versions 10 and 13. It was not exposed in Umbraco 7 or 8, nor in 14 or higher versions.\n\n### Patches\nPatched in 10.8.11 and 13.9.2",
"id": "GHSA-pgvc-6h2p-q4f6",
"modified": "2025-06-28T00:06:29Z",
"published": "2025-06-24T19:36:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-pgvc-6h2p-q4f6"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49147"
},
{
"type": "WEB",
"url": "https://github.com/umbraco/Umbraco-CMS/commit/b4144564c836ec6929111ce2a12eb1f67b42d61e"
},
{
"type": "WEB",
"url": "https://github.com/umbraco/Umbraco-CMS/commit/d8f68d2c40f8e158bd81d469f25ef3a4e1d86c4c"
},
{
"type": "PACKAGE",
"url": "https://github.com/umbraco/Umbraco-CMS"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Umbraco CMS disclosure of configured password requirements "
}
GHSA-PQ28-GV4F-6R2Q
Vulnerability from github – Published: 2025-09-05 15:31 – Updated: 2026-04-01 18:36Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Rami Yushuvaev Site Info allows Retrieve Embedded Sensitive Data. This issue affects Site Info: from n/a through 1.1.
{
"affected": [],
"aliases": [
"CVE-2025-58866"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-05T14:16:02Z",
"severity": "LOW"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Rami Yushuvaev Site Info allows Retrieve Embedded Sensitive Data. This issue affects Site Info: from n/a through 1.1.",
"id": "GHSA-pq28-gv4f-6r2q",
"modified": "2026-04-01T18:36:06Z",
"published": "2025-09-05T15:31:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58866"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/site-info-dashboard-widget/vulnerability/wordpress-site-info-plugin-1-1-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PQQG-82V7-FXR2
Vulnerability from github – Published: 2026-02-03 15:30 – Updated: 2026-02-03 18:30Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through <= 7.8.9.2.
{
"affected": [],
"aliases": [
"CVE-2026-24998"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-03T15:16:19Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hustle wordpress-popup allows Retrieve Embedded Sensitive Data.This issue affects Hustle: from n/a through \u003c= 7.8.9.2.",
"id": "GHSA-pqqg-82v7-fxr2",
"modified": "2026-02-03T18:30:43Z",
"published": "2026-02-03T15:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24998"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/wordpress-popup/vulnerability/wordpress-hustle-plugin-7-8-9-2-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PR7V-PRVV-52V8
Vulnerability from github – Published: 2025-04-24 15:30 – Updated: 2025-07-28 15:31A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.
{
"affected": [],
"aliases": [
"CVE-2025-46421"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-24T13:15:45Z",
"severity": "MODERATE"
},
"details": "A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.",
"id": "GHSA-pr7v-prvv-52v8",
"modified": "2025-07-28T15:31:34Z",
"published": "2025-04-24T15:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46421"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:4439"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:4440"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:4508"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:4538"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:4560"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:4568"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:4609"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:4624"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:7436"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:7505"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-46421"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361962"
},
{
"type": "WEB",
"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/439"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PR8Q-FPGR-CJRR
Vulnerability from github – Published: 2026-04-08 09:31 – Updated: 2026-04-14 18:30Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through <= 2.0.8.
{
"affected": [],
"aliases": [
"CVE-2026-39469"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-08T09:16:21Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data.This issue affects PageLayer: from n/a through \u003c= 2.0.8.",
"id": "GHSA-pr8q-fpgr-cjrr",
"modified": "2026-04-14T18:30:28Z",
"published": "2026-04-08T09:31:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39469"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/pagelayer/vulnerability/wordpress-pagelayer-plugin-2-0-8-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PV6P-86WR-J7HP
Vulnerability from github – Published: 2026-02-09 06:30 – Updated: 2026-02-09 06:30A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
Physical paths could be displayed on web pages. This information could be exploited by an attacker for other attacks.
The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04
{
"affected": [],
"aliases": [
"CVE-2025-66599"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-09T04:15:49Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.\n\n\n\nPhysical paths could\nbe displayed on web pages. This information could be exploited by an attacker\nfor other attacks.\n\n\n\nThe\naffected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to\nR10.04",
"id": "GHSA-pv6p-86wr-j7hp",
"modified": "2026-02-09T06:30:27Z",
"published": "2026-02-09T06:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66599"
},
{
"type": "WEB",
"url": "https://web-material3.yokogawa.com/1/39206/files/YSAR-26-0001-E.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-PVHC-CW6M-9MP8
Vulnerability from github – Published: 2026-06-15 21:30 – Updated: 2026-06-15 21:30Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions.
{
"affected": [],
"aliases": [
"CVE-2026-49056"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-15T21:17:18Z",
"severity": "HIGH"
},
"details": "Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels \u003c= 4.9.4 versions.",
"id": "GHSA-pvhc-cw6m-9mp8",
"modified": "2026-06-15T21:30:49Z",
"published": "2026-06-15T21:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49056"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/print-invoices-packing-slip-labels-for-woocommerce/vulnerability/wordpress-woocommerce-pdf-invoices-packing-slips-delivery-notes-and-shipping-labels-plugin-4-9-4-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PVVH-2GXC-VQQJ
Vulnerability from github – Published: 2026-07-13 12:35 – Updated: 2026-07-13 12:35Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetSearch jet-search allows Retrieve Embedded Sensitive Data.This issue affects JetSearch: from n/a through <= 3.6.1.2.
{
"affected": [],
"aliases": [
"CVE-2026-61977"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-13T10:16:47Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Crocoblock JetSearch jet-search allows Retrieve Embedded Sensitive Data.This issue affects JetSearch: from n/a through \u003c= 3.6.1.2.",
"id": "GHSA-pvvh-2gxc-vqqj",
"modified": "2026-07-13T12:35:06Z",
"published": "2026-07-13T12:35:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-61977"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/jet-search/vulnerability/wordpress-jetsearch-plugin-3-6-1-2-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Production applications should never use methods that generate internal details such as stack traces and error messages unless that information is directly committed to a log that is not viewable by the end user. All error message text should be HTML entity encoded before being written to the log file to protect against potential cross-site scripting attacks against the viewer of the logs
CAPEC-170: Web Application Fingerprinting
An attacker sends a series of probes to a web application in order to elicit version-dependent and type-dependent behavior that assists in identifying the target. An attacker could learn information such as software versions, error pages, and response headers, variations in implementations of the HTTP protocol, directory structures, and other similar information about the targeted service. This information can then be used by an attacker to formulate a targeted attack plan. While web application fingerprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
CAPEC-694: System Location Discovery
An adversary collects information about the target system in an attempt to identify the system's geographical location.
Information gathered could include keyboard layout, system language, and timezone. This information may benefit an adversary in confirming the desired target and/or tailoring further attacks.