CWE-201

Overview

CWE ID
201

CWE Name
Insertion of Sensitive Information Into Sent Data

CWE Abstraction
Base

CWE structure
Simple

CWE Status
Draft

Description

The code transmits data to another actor, but a portion of the data includes sensitive information that should not be accessible to that actor.

Extended Description

Sensitive information could include data that is sensitive in and of itself (such as credentials or private messages), or otherwise useful in the further exploitation of the system (such as internal file system structure).

Related CWEs

CWE ID	View ID	Nature	Ordinal
200	1000	ChildOf	Primary
209	1000	CanAlsoBe
202	1000	CanAlsoBe

Related CVEs

CVE
CVE-2022-27671
CVE-2021-32653
CVE-2020-27748
CVE-2021-1128
CVE-2021-1129
CVE-2020-14514
CVE-2019-14849
CVE-2020-27784
CVE-2023-28117
CVE-2023-1975
CVE-2022-27779
CVE-2021-26566
CVE-2017-2582
CVE-2020-1774
CVE-2020-1770
CVE-2024-4536
CVE-2023-48240
CVE-2023-32275
CVE-2023-49594
CVE-2024-26270
CVE-2024-28173
CVE-2024-32028
CVE-2024-25150
CVE-2024-35189
CVE-2024-26270
CVE-2024-28173
CVE-2024-32028
CVE-2024-25150
CVE-2024-35189
CVE-2024-35189
CVE-2024-39315
CVE-2024-38372
CVE-2024-7205
CVE-2024-31200
CVE-2024-6586
CVE-2024-8890
CVE-2024-8890
CVE-2024-8890
CVE-2024-8890
CVE-2024-8890
CVE-2024-8890
CVE-2024-8890
CVE-2024-8890
CVE-2024-8890
CVE-2024-41931
CVE-2024-47128
CVE-2024-43814
CVE-2024-8890
CVE-2024-41931
CVE-2024-47128
CVE-2024-43814
CVE-2024-8890
CVE-2024-41931
CVE-2024-47128
CVE-2024-43814
CVE-2024-8890
CVE-2024-41931
CVE-2024-47128
CVE-2024-43814
CVE-2024-8890
CVE-2024-41931
CVE-2024-47128
CVE-2024-43814
CVE-2024-8890
CVE-2024-41931
CVE-2024-47128
CVE-2024-43814
CVE-2024-8890
CVE-2024-41931
CVE-2024-47128
CVE-2024-43814