CWE-210 3 個 CVE MITRE 定義 ↗

CWE-210:Self-generated Error Message Containing Sensitive Information

概覽

CWE-210(Self-generated Error Message Containing Sensitive Information)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

The product identifies an error condition and creates its own diagnostic or error messages that contain sensitive information.

適用平台

類型 名稱 普遍性 OS / CPE
language Not Language-Specific Undetermined

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2023-41027 2023-09-22 Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.4 and V1.0.5 allows an authenticated attacker to leak the password for the administr…
CVE-2021-40126 2021-11-04 A vulnerability in the web-based dashboard of Cisco Umbrella could allow an authenticated, remote attacker to perform an email enumeration attack against the Umbrella infrastructure. This vulnerabilit…
CVE-2018-19947 2020-09-11 The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this information exposure vulnerability could disclose sensitive information. QNAP has already fixed the issu…

曾用名

  • Product-Generated Error Message Information Leak (2011-03-29)
  • Information Exposure Through Generated Error Message (2012-10-30)
  • Information Exposure Through Self-generated Error Message (2020-02-24)

內容提交

名稱
PLOVER
日期
2006-07-19
版本
Draft 3

內容修訂

日期 名稱 版本 重要性 評論
2008-07-01 Eric Dalci 1.0 updated Time_of_Introduction
2008-09-08 CWE Content Team 1.0 updated Relationships, Other_Notes, Taxonomy_Mappings
2009-12-28 CWE Content Team 1.7 updated Demonstrative_Examples
2010-06-21 CWE Content Team 1.9 updated Potential_Mitigations
2011-03-29 CWE Content Team 1.12 updated Name, Relationships
2011-06-01 CWE Content Team 1.13 updated Common_Consequences
2012-05-11 CWE Content Team 2.2 updated References, Relationships
2012-10-30 CWE Content Team 2.3 updated Name, Potential_Mitigations
2014-06-23 CWE Content Team 2.7 updated Other_Notes
2014-07-30 CWE Content Team 2.8 updated Relationships, Taxonomy_Mappings
2017-11-08 CWE Content Team 3.0 updated Applicable_Platforms, Functional_Areas, Modes_of_Introduction, Relationships
2020-02-24 CWE Content Team 4.0 updated Name, Relationships, Time_of_Introduction
2023-01-31 CWE Content Team 4.10 updated Description
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-12-11 CWE Content Team 4.19 updated Weakness_Ordinalities
cvelogic Threat Intelligence