CWE-550 4 個 CVE MITRE 定義 ↗

CWE-550:Server-generated Error Message Containing Sensitive Information

概覽

CWE-550(Server-generated Error Message Containing Sensitive Information)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

Certain conditions, such as network failure, will cause a server error message to be displayed.

適用平台

類型 名稱 普遍性 OS / CPE
language Not Language-Specific Undetermined
technology Not Technology-Specific Undetermined

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2025-36419 2026-01-20 IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.
CVE-2025-62168 2025-10-17 Squid is a caching proxy for the Web. In Squid versions prior to 7.2, a failure to redact HTTP authentication credentials in error handling allows information disclosure. The vulnerability allows a sc…
CVE-2023-5617 2024-02-28 Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered.
CVE-2023-40726 2023-09-12 A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application server responds with sensitive information about the server. This could allow an attacker to dir…

曾用名

  • Information Leak Through Server Error Message (2011-03-29)
  • Information Exposure Through Server Error Message (2020-02-24)

內容提交

名稱
Anonymous Tool Vendor (under NDA)
日期
2006-07-19
版本
Draft 3

內容修訂

日期 名稱 版本 重要性 評論
2008-07-01 Eric Dalci 1.0 updated Time_of_Introduction
2008-09-08 CWE Content Team 1.0 updated Relationships, Taxonomy_Mappings
2008-10-14 CWE Content Team 1.0.1 updated Description
2011-03-29 CWE Content Team 1.12 updated Name, Relationships
2011-06-01 CWE Content Team 1.13 updated Common_Consequences
2012-05-11 CWE Content Team 2.2 updated Relationships
2012-10-30 CWE Content Team 2.3 updated Potential_Mitigations
2014-07-30 CWE Content Team 2.8 updated Relationships
2017-11-08 CWE Content Team 3.0 updated Modes_of_Introduction, Relationships, Taxonomy_Mappings
2020-02-24 CWE Content Team 4.0 updated Name, Relationships
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-12-11 CWE Content Team 4.19 updated Applicable_Platforms, Relationships, Weakness_Ordinalities
cvelogic Threat Intelligence