CWE-497

Overview

CWE ID
497

CWE Name
Exposure of Sensitive System Information to an Unauthorized Control Sphere

CWE Abstraction
Base

CWE structure
Simple

CWE Status
Incomplete

Description

The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.

Extended Description

Related CWEs

CWE ID	View ID	Nature	Ordinal
200	1000	ChildOf	Primary

Related CVEs

CVE
CVE-2021-1544
CVE-2021-1235
CVE-2021-1535
CVE-2022-1902
CVE-2022-2403
CVE-2022-34458
CVE-2023-0005
CVE-2022-4366
CVE-2023-4605
CVE-2023-4237
CVE-2023-41366
CVE-2023-20111
CVE-2023-32550
CVE-2023-0342
CVE-2023-50180
CVE-2023-50959
CVE-2023-34209
CVE-2024-31887
CVE-2024-31419
CVE-2024-22124
CVE-2024-22125
CVE-2024-25634
CVE-2023-0342
CVE-2023-50180
CVE-2023-50959
CVE-2023-34209
CVE-2024-31887
CVE-2024-31419
CVE-2024-22124
CVE-2024-22125
CVE-2024-25634
CVE-2024-6388
CVE-2024-5735
CVE-2024-31223
CVE-2024-39675
CVE-2024-39740
CVE-2023-42010
CVE-2024-8687
CVE-2024-6389