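CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere) — Vulnerability Class 291

291 vulnerabilities classified as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere). AI Chinese analysis included.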

CWE-497 represents a critical information disclosure weakness where software inadvertently exposes sensitive system-level details to unauthorized external entities. This vulnerability typically arises when network-facing applications, such as web servers, fail to sanitize error messages or headers, allowing attackers to glean valuable intelligence about the underlying operating system, database versions, or server configurations. Exploitation often involves analyzing verbose error responses or specific network packets to identify known vulnerabilities in the exposed software stack, facilitating targeted attacks like remote code execution. To mitigate this risk, developers must implement strict error handling protocols that return generic, user-friendly messages instead of detailed stack traces. Additionally, configuring web servers to suppress version information in headers and employing robust input validation ensures that internal system architecture remains obscured from potential adversaries, thereby reducing the attack surface significantly.

MITRE CWE Description
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. Network-based products, such as web applications, often run on top of an operating system or similar environment. When the product communicates with outside parties, details about the underlying system are expected to remain hidden, such as path names for data files, other OS users, installed packages, the application environment, etc. This system information may be provided by the product itself, or buried within diagnostic or debugging messages. Debugging information helps an adversary learn about the system and form an attack plan. An information exposure occurs when system data or debugging information leaves the program through an output stream or logging function that makes it accessible to unauthorized parties. Using other weaknesses, an attacker could cause errors to occur; the response to these errors can reveal detailed system information, along with other impacts. An attacker can use messages that reveal technologies, operating systems, and product versions to tune the attack against known vulnerabilities in these technologies. A product may use diagnostic methods that provide significant implementation details such as stack traces as part of its error handling mechanism.
Common Consequences (1)
Confidentiality: Read Application Data
Mitigations (1)
Architecture and Design, Implementation: Production applications should never use methods that generate internal details such as stack traces and error messages unless that information is directly committed to a log that is not viewable by the end user. All error message text should be HTML entity encoded before being written to the log file to protect against potential cross-site scripting attacks against the viewer of the logs.
Examples (2)
The following code prints the path environment variable to the standard error stream:

Bad · C

    char* path = getenv("PATH");
    ...
    fprintf(stderr, "cannot find exe on path %s\n", path);

This code prints all of the running processes belonging to the current user.

Bad · PHP

    // assume getCurrentUser() returns a username that is guaranteed to be alphanumeric (avoiding CWE-78)
    $userName = getCurrentUser();
    $command = 'ps aux | grep ' . $userName;
    system($command);
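A hardened counterpart to the C example above, applying the listed mitigation: the PATH detail goes only to an operator log, HTML entity encoded, while the caller sees a generic message. This is an added example, not MITRE's or this page's code; the function names, the incident reference number and the `app-error.log` file name are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* HTML-entity-encode src into dst; returns 0, or -1 if dst is too small. */
static int html_encode(const char *src, char *dst, size_t dstlen)
{
    static const char special[] = "&<>\"'";
    static const char *const entity[] = { "&amp;", "&lt;", "&gt;", "&quot;", "&#39;" };
    size_t used = 0;
    if (dstlen == 0) return -1;
    for (; *src; src++) {
        char one[2] = { *src, '\0' };
        const char *hit = strchr(special, *src);
        const char *rep = hit ? entity[hit - special] : one;
        size_t n = strlen(rep);
        if (used + n + 1 > dstlen) return -1;
        memcpy(dst + used, rep, n);
        used += n;
    }
    dst[used] = '\0';
    return 0;
}

/* Operator-log line: full detail (the PATH value), entity-encoded. */
int format_log_line(char *out, size_t outlen, const char *path, unsigned id)
{
    char enc[4096];
    if (html_encode(path ? path : "(unset)", enc, sizeof enc) != 0) return -1;
    int n = snprintf(out, outlen, "incident=%u cannot find exe on path %s\n", id, enc);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Caller-visible line: generic text plus an opaque reference, no system data. */
int format_client_line(char *out, size_t outlen, unsigned id)
{
    int n = snprintf(out, outlen, "Internal error (ref %u)\n", id);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    char line[4200], msg[64];
    FILE *oplog = fopen("app-error.log", "a"); /* assumed operator-only file */
    if (oplog && format_log_line(line, sizeof line, getenv("PATH"), 1001) == 0)
        fputs(line, oplog);
    if (oplog) fclose(oplog);
    if (format_client_line(msg, sizeof msg, 1001) == 0) fputs(msg, stderr);
    return 0;
}
```

The reference number lets an operator match a user report to the detailed log entry without the detail ever leaving the log.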
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-58579 | Username Disclosure Through Missing Authentication — Baggage Analytics | 5.3 | Medium | 2025-10-06 |
| CVE-2025-58585 | Sensitive Information Disclosure Through Missing Authentication — Baggage Analytics | 5.3 | Medium | 2025-10-06 |
| CVE-2025-58583 | User Enumeration — Enterprise Analytics | 5.3 | Medium | 2025-10-06 |
| CVE-2025-59447 | YoSmart YoLink Smart Hub security vulnerability — YoLink Smart Hub | 2.2 | Low | 2025-10-06 |
| CVE-2025-60167 | WordPress Page Manager for Elementor Plugin <= 2.0.5 - Sensitive Data Exposure Vulnerability — Page Manager for Elementor | 4.3 | Medium | 2025-09-26 |
| CVE-2025-60119 | WordPress CoSchedule Plugin <= 3.3.11 - Sensitive Data Exposure Vulnerability — CoSchedule | 5.3 | Medium | 2025-09-26 |
| CVE-2025-60092 | WordPress Download Manager Plugin <= 3.3.25 - Sensitive Data Exposure Vulnerability — Download Manager | 5.3 | Medium | 2025-09-26 |
| CVE-2025-59582 | WordPress Ajax Load More Plugin <= 7.6.0.2 - Sensitive Data Exposure Vulnerability — Ajax Load More | 5.3 | Medium | 2025-09-22 |
| CVE-2025-57916 | WordPress WP System Information Plugin <= 1.5 - Sensitive Data Exposure Vulnerability — WP System Information | 4.3 | Medium | 2025-09-22 |
| CVE-2025-57937 | WordPress WPeMatico RSS Feed Fetcher Plugin <= 2.8.10 - Sensitive Data Exposure Vulnerability — WPeMatico RSS Feed Fetcher | 4.3 | Medium | 2025-09-22 |
| CVE-2025-58007 | WordPress Social Pug Plugin <= 1.35.2 - Sensitive Data Exposure Vulnerability — Hubbub Lite | 4.3 | Medium | 2025-09-22 |
| CVE-2025-58015 | WordPress Quiz Maker Plugin <= 6.7.0.65 - Sensitive Data Exposure Vulnerability — Quiz Maker | 5.3 | Medium | 2025-09-22 |
| CVE-2025-36146 | IBM watsonx.data information disclosure — watsonx.data | 4.3 | Medium | 2025-09-18 |
| CVE-2024-12367 | Information Disclosure in Vegagrup Software's Vega Master — Vega Master | 8.6 | High | 2025-09-16 |
| CVE-2025-4235 | User-ID Credential Agent: Cleartext Exposure of Service Account password — User-ID Credential Agent | 8.8 | - | 2025-09-12 |
| CVE-2025-10264 | Digiever\|NVR - Exposure of Sensitive Information — DS-1200 | 10.0 | Critical | 2025-09-12 |
| CVE-2025-6769 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab — GitLab | 4.3 | Medium | 2025-09-12 |
| CVE-2025-9364 | Rockwell Automation FactoryTalk® Analytics™ LogixAI® Exposed Redis DB — FactoryTalk® Analytics™ LogixAI® | 9.1 (AI) | Critical (AI) | 2025-09-09 |
| CVE-2025-58866 | WordPress Site Info Plugin <= 1.1 - Sensitive Data Exposure Vulnerability — Site Info | 2.7 | Low | 2025-09-05 |
| CVE-2025-58797 | WordPress Ninja Charts plugin <= 3.3.5 - Sensitive Data Exposure vulnerability — Ninja Charts | 5.3 | Medium | 2025-09-05 |
| CVE-2025-2667 | IBM Sterling B2B Integrator information disclosure — Sterling B2B Integrator | 2.7 | Low | 2025-09-04 |
| CVE-2025-36162 | IBM DevOps Deploy / IBM UrbanCode Deploy information disclosure — UrbanCode Deploy | 4.3 | Medium | 2025-09-02 |
| CVE-2025-8700 | Privilege Escalation via get-task-allow entitlement in Invoice Ninja — Invoice Ninja | 7.3 (AI) | High (AI) | 2025-08-26 |
| CVE-2025-8597 | Privilege Escalation via get-task-allow entitlement in MacVim.app — MacVim | 7.3 (AI) | High (AI) | 2025-08-26 |
| CVE-2025-57888 | WordPress Jobmonster Theme <= 4.8.0 - Sensitive Data Exposure Vulnerability — Jobmonster | 5.3 | Medium | 2025-08-22 |
| CVE-2025-27721 | INFINITT Healthcare INFINITT PACS Exposure of Sensitive System Information to an Unauthorized Control Sphere — INFINITT PACS System Manager | 7.5 | High | 2025-08-21 |
| CVE-2025-48355 | WordPress ProveSource Social Proof plugin <= 3.1.2 - Sensitive Data Exposure vulnerability — ProveSource Social Proof | 5.3 | Medium | 2025-08-21 |
| CVE-2025-2988 | IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure — Sterling B2B Integrator | 2.7 | Low | 2025-08-19 |
| CVE-2025-54736 | WordPress Savoy Theme <= 3.0.8 - Sensitive Data Exposure Vulnerability — Savoy | 5.3 | Medium | 2025-08-14 |
| CVE-2025-23288 | NVIDIA GPU Display Driver security vulnerability — GPU Display Drivers | 3.3 | Low | 2025-08-02 |

Vulnerabilities classified as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere) represent 291 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.