CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere) — Vulnerability Class 291

291 vulnerabilities classified as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere). AI Chinese analysis included.

CWE-497 represents a critical information disclosure weakness where software inadvertently exposes sensitive system-level details to unauthorized external entities. This vulnerability typically arises when network-facing applications, such as web servers, fail to sanitize error messages or headers, allowing attackers to glean valuable intelligence about the underlying operating system, database versions, or server configurations. Exploitation often involves analyzing verbose error responses or specific network packets to identify known vulnerabilities in the exposed software stack, facilitating targeted attacks like remote code execution. To mitigate this risk, developers must implement strict error handling protocols that return generic, user-friendly messages instead of detailed stack traces. Additionally, configuring web servers to suppress version information in headers and employing robust input validation ensures that internal system architecture remains obscured from potential adversaries, thereby reducing the attack surface significantly.

MITRE CWE Description
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. Network-based products, such as web applications, often run on top of an operating system or similar environment. When the product communicates with outside parties, details about the underlying system are expected to remain hidden, such as path names for data files, other OS users, installed packages, the application environment, etc. This system information may be provided by the product itself, or buried within diagnostic or debugging messages. Debugging information helps an adversary learn about the system and form an attack plan. An information exposure occurs when system data or debugging information leaves the program through an output stream or logging function that makes it accessible to unauthorized parties. Using other weaknesses, an attacker could cause errors to occur; the response to these errors can reveal detailed system information, along with other impacts. An attacker can use messages that reveal technologies, operating systems, and product versions to tune the attack against known vulnerabilities in these technologies. A product may use diagnostic methods that provide significant implementation details such as stack traces as part of its error handling mechanism.
Common Consequences (1)
Confidentiality: Read Application Data
Mitigations (1)
Architecture and Design, Implementation: Production applications should never use methods that generate internal details such as stack traces and error messages unless that information is directly committed to a log that is not viewable by the end user. All error message text should be HTML entity encoded before being written to the log file to protect against potential cross-site scripting attacks against the viewer of the logs.
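The mitigation above, as an added Python example that is not part of the MITRE entry or this site's own code: the client receives only a generic message with a reference id, while the stack trace goes to an operator-only log after HTML entity encoding. The function names, the sample search path and the request value are constructed for illustration.

```python
import html
import io
import os
import traceback
import uuid


def locate_exe(name, search_path):
    """Find an executable; on failure the exception text carries system detail."""
    for directory in search_path.split(os.pathsep):
        candidate = os.path.join(directory, name)
        if os.path.isfile(candidate):
            return candidate
    raise FileNotFoundError(f"cannot find {name} on path {search_path}")


def safe_error_response(exc, log_stream):
    """Return a generic client message; write encoded detail to the private log."""
    incident = uuid.uuid4().hex[:12]
    detail = "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))
    # HTML entity encode before logging, as the mitigation text asks, so a
    # browser-based log viewer renders request-influenced text inertly.
    # Line breaks are escaped so one incident stays on one log line.
    encoded = html.escape(detail, quote=True).replace("\r", "\\r").replace("\n", "\\n")
    log_stream.write(f"incident={incident} {encoded}\n")
    # Nothing from the exception (paths, versions, frames) reaches the client.
    return {"status": 500, "body": f"Internal error. Reference: {incident}"}


def demo():
    log = io.StringIO()  # stands in for a log file end users cannot read
    name = "<script>alert(1)</script>"  # constructed request value with markup
    path = "/opt/app/bin" + os.pathsep + "/home/svc_deploy/tools"  # constructed
    try:
        locate_exe(name, path)
    except FileNotFoundError as exc:
        response = safe_error_response(exc, log)
    return response, log.getvalue()


if __name__ == "__main__":
    response, logged = demo()
    print(response)
    print(logged, end="")
```

The reference id lets support staff find the full trace in the log without the client ever seeing it.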
Examples (2)
The following code prints the path environment variable to the standard error stream:
char* path = getenv("PATH");
...
fprintf(stderr, "cannot find exe on path %s\n", path); /* writes the full PATH value to stderr */
Bad · C
This code prints all of the running processes belonging to the current user.
// assume getCurrentUser() returns a username that is guaranteed to be alphanumeric (avoiding CWE-78)
$userName = getCurrentUser();
$command = 'ps aux | grep ' . $userName;
system($command);
Bad · PHP
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-1212 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab — GitLab | 4.3 | Medium | 2025-02-12 |
| CVE-2025-1144 | Quanxun School Affairs System - Exposure of Sensitive Information — School Affairs System | 9.8 | Critical | 2025-02-11 |
| CVE-2024-8550 | Local File Inclusion (LFI) in modelscope/agentscope — modelscope/agentscope | 7.5 | - | 2025-02-10 |
| CVE-2024-37526 | IBM Watson Query on Cloud Pak for Data information disclosure — Data Virtualization | 6.5 | Medium | 2025-01-27 |
| CVE-2024-40706 | IBM InfoSphere Information Server information disclosure — InfoSphere Information Server | 5.3 | Medium | 2025-01-24 |
| CVE-2024-53683 | Ossur Mobile Logic Application Exposure of Sensitive System Information to an Unauthorized Control Sphere — Mobile Logic Application | 4.4 | Medium | 2025-01-17 |
| CVE-2024-11029 | Freeipa: administrative user data leaked through systemd journal | 5.5 | Medium | 2025-01-15 |
| CVE-2025-0061 | Multiple vulnerabilities in SAP BusinessObjects Business Intelligence Platform — SAP BusinessObjects Business Intelligence Platform | 8.7 | High | 2025-01-14 |
| CVE-2025-0059 | Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) — SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) | 6.0 | Medium | 2025-01-14 |
| CVE-2025-0056 | Information Disclosure vulnerability in SAP GUI for Java — SAP GUI for Java | 6.0 | Medium | 2025-01-14 |
| CVE-2025-0055 | Information Disclosure vulnerability in SAP GUI for Windows — SAP GUI for Windows | 6.0 | Medium | 2025-01-14 |
| CVE-2024-45640 | IBM Security QRadar EDR information disclosure — Security QRadar EDR | 5.3 | Medium | 2025-01-07 |
| CVE-2024-52367 | IBM Concert Software information disclosure — Concert Software | 5.3 | Medium | 2025-01-07 |
| CVE-2024-12993 | Location information exposure in Infinix Weather app — com.rlk.weathers | 4.3 | - | 2024-12-30 |
| CVE-2024-52321 | Sharp multiple products security vulnerability — home 5G HR02 | 7.5 | - | 2024-12-23 |
| CVE-2024-54279 | WordPress WP-NERD Toolkit plugin <= 1.1 - Sensitive Data Exposure vulnerability — WP-NERD Toolkit | 7.5 | High | 2024-12-16 |
| CVE-2023-23472 | IBM InfoSphere Information Server information disclosure — InfoSphere Information Server | 3.1 | Low | 2024-12-11 |
| CVE-2024-32732 | Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence platform — SAP BusinessObjects Business Intelligence platform | 5.3 | Medium | 2024-12-10 |
| CVE-2024-53814 | WordPress Analytify plugin <= 5.4.3 - Broken Access Control vulnerability — Analytify | 6.5 | Medium | 2024-12-09 |
| CVE-2024-53867 | Synapse Matrix has a partial room state leak via Sliding Sync — synapse | 4.3 | Medium | 2024-12-03 |
| CVE-2024-25035 | IBM Cognos Controller information disclosure — Cognos Controller | 5.3 | Medium | 2024-12-03 |
| CVE-2024-53768 | WordPress Content Audit Exporter plugin <= 1.1 - Sensitive Data Exposure vulnerability — Content Audit Exporter | 5.3 | Medium | 2024-11-30 |
| CVE-2024-22037 | Database password leaked by systemd uyuni-server-attestation service — SUSE Manager Server 5.0 | 5.5 | Medium | 2024-11-28 |
| CVE-2024-10240 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab — GitLab | 5.3 | Medium | 2024-11-26 |
| CVE-2024-9929 | Hitachi Energy NSD570 security vulnerability — NSD570 Teleprotection Equipment | 4.3 | Medium | 2024-11-26 |
| CVE-2024-41781 | IBM PowerVM Hypervisor information disclosure — PowerVM Hypervisor | 5.1 | Medium | 2024-11-22 |
| CVE-2024-52033 | Rakuten Turbo 5G security vulnerability — Rakuten Turbo 5G | 5.3 | Medium | 2024-11-20 |
| CVE-2024-37070 | IBM Concert Software information disclosure — Concert Software | 4.3 | Medium | 2024-11-19 |
| CVE-2024-52582 | cachi2 allows traceback prints locals — cachi2 | 4.7 | Medium | 2024-11-19 |
| CVE-2021-1234 | Cisco SD-WAN vManage Information Disclosure Vulnerabilities — Cisco Catalyst SD-WAN Manager | 5.3 | Medium | 2024-11-18 |

Vulnerabilities classified as CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere) represent 291 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.