CWE-538
AllowedInsertion of Sensitive Information into Externally-Accessible File or Directory
Abstraction: Base · Status: Draft
The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.
155 vulnerabilities reference this CWE, most recent first.
CVE-2024-22433 (GCVE-0-2024-22433)
Vulnerability from cvelistv5 – Published: 2024-02-01 15:57 – Updated: 2024-08-19 20:16- CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022172… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | Data Protection Search |
Affected:
19.2.0
Affected: 19.3.0 Affected: 19.4.0 Affected: 19.5.0 Affected: 19.5.1 Affected: 19.6.0 Affected: 19.6.1 Affected: 19.6.2 Affected: 19.6.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000221720/dsa-2024-063-security-update-for-dell-data-protection-search-multiple-security-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22433",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T20:16:22.410943Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T20:16:38.664Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Data Protection Search",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "19.4.0"
},
{
"status": "affected",
"version": "19.5.0"
},
{
"status": "affected",
"version": "19.5.1"
},
{
"status": "affected",
"version": "19.6.0"
},
{
"status": "affected",
"version": "19.6.1"
},
{
"status": "affected",
"version": "19.6.2"
},
{
"status": "affected",
"version": "19.6.3"
}
]
}
],
"datePublic": "2024-02-01T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity, Protection, and remote takeover of the system. This is a high-severity vulnerability as it allows an attacker to take complete control of DP Search to affect downstream protected devices.\u003c/span\u003e\n\n"
}
],
"value": "\nDell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity, Protection, and remote takeover of the system. This is a high-severity vulnerability as it allows an attacker to take complete control of DP Search to affect downstream protected devices.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T06:22:17.378Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000221720/dsa-2024-063-security-update-for-dell-data-protection-search-multiple-security-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-22433",
"datePublished": "2024-02-01T15:57:46.053Z",
"dateReserved": "2024-01-10T15:23:01.338Z",
"dateUpdated": "2024-08-19T20:16:38.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22045 (GCVE-0-2024-22045)
Vulnerability from cvelistv5 – Published: 2024-03-12 10:21 – Updated: 2024-08-01 22:35- CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | SINEMA Remote Connect Client |
Affected:
0 , < V3.1 SP1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22045",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T16:10:09.727210Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:08.034Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.833Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-653855.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SINEMA Remote Connect Client",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEMA Remote Connect Client (All versions \u003c V3.1 SP1). The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T10:21:58.614Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-653855.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-22045",
"datePublished": "2024-03-12T10:21:58.614Z",
"dateReserved": "2024-01-04T13:24:07.552Z",
"dateUpdated": "2024-08-01T22:35:34.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6880 (GCVE-0-2024-6880)
Vulnerability from cvelistv5 – Published: 2025-01-10 17:51 – Updated: 2025-01-10 18:12- CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2024/09/CVE-2024-6680 | third-party-advisory |
| https://megabip.pl/ | product |
| https://www.gov.pl/web/cyfryzacja/rekomendacja-pe… | government-resource |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6880",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T18:12:36.281862Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T18:12:46.647Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MegaBIP",
"vendor": "Jan Syski",
"versions": [
{
"lessThan": "5.15",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-09-10T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During MegaBIP installation process, a user is encouraged to change a default path to administrative portal, as keeping it secret is listed by the author as one of the protection mechanisms.\u0026nbsp;\u003cbr\u003ePublicly available source code of \"/registered.php\" discloses that path, allowing an attacker to attempt further attacks.\u0026nbsp;\u0026nbsp;\u003cbr\u003e\u003cbr\u003eThis issue affects MegaBIP software versions below 5.15\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "During MegaBIP installation process, a user is encouraged to change a default path to administrative portal, as keeping it secret is listed by the author as one of the protection mechanisms.\u00a0\nPublicly available source code of \"/registered.php\" discloses that path, allowing an attacker to attempt further attacks.\u00a0\u00a0\n\nThis issue affects MegaBIP software versions below 5.15"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T17:51:32.583Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2024/09/CVE-2024-6680"
},
{
"tags": [
"product"
],
"url": "https://megabip.pl/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpieczenstwa-dotyczaca-biuletynow-informacji-publicznej"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CSRF in MegaBIP",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-6880",
"datePublished": "2025-01-10T17:51:32.583Z",
"dateReserved": "2024-07-18T11:50:05.563Z",
"dateUpdated": "2025-01-10T18:12:46.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0191 (GCVE-0-2024-0191)
Vulnerability from cvelistv5 – Published: 2024-01-02 19:31 – Updated: 2025-06-03 14:45- CWE-538 - File and Directory Information Exposure
| URL | Tags |
|---|---|
| https://vuldb.com/?id.249504 | vdb-entry |
| https://vuldb.com/?ctiid.249504 | signaturepermissions-required |
| https://mega.nz/file/uZt00bIA#uqwP2WkWK5kbKOUbRrg… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| RRJ | Nueva Ecija Engineer Online Portal |
Affected:
1.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.249504"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.249504"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://mega.nz/file/uZt00bIA#uqwP2WkWK5kbKOUbRrgbZY4_-4enuhFw5O9LtJ_cclY"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0191",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:37:22.927657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:45:33.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Nueva Ecija Engineer Online Portal",
"vendor": "RRJ",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "ahmed8199 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/uploads/. The manipulation leads to file and directory information exposure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249504."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in RRJ Nueva Ecija Engineer Online Portal 1.0 ausgemacht. Betroffen hiervon ist ein unbekannter Ablauf der Datei /admin/uploads/. Mit der Manipulation mit unbekannten Daten kann eine file and directory information exposure-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538 File and Directory Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-02T19:31:03.405Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.249504"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.249504"
},
{
"tags": [
"exploit"
],
"url": "https://mega.nz/file/uZt00bIA#uqwP2WkWK5kbKOUbRrgbZY4_-4enuhFw5O9LtJ_cclY"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-01-02T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-01-02T11:28:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "RRJ Nueva Ecija Engineer Online Portal file information disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-0191",
"datePublished": "2024-01-02T19:31:03.405Z",
"dateReserved": "2024-01-02T10:22:47.963Z",
"dateUpdated": "2025-06-03T14:45:33.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-54346 (GCVE-0-2023-54346)
Vulnerability from cvelistv5 – Published: 2026-05-05 11:24 – Updated: 2026-07-15 01:24- CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/51445 | exploit |
| https://backupbliss.com/ | product |
| https://downloads.wordpress.org/plugin/backup-bac… | product |
| https://www.vulncheck.com/advisories/wordpress-pl… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Backupbliss | WordPress Plugin Backup Migration |
Affected:
1.2.8
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-54346",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T12:34:31.481556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T12:34:45.274Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WordPress Plugin Backup Migration",
"vendor": "Backupbliss",
"versions": [
{
"status": "affected",
"version": "1.2.8"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:backupbliss:backup_migration:1.2.8:*:*:*:*:wordpress:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wadeek"
}
],
"datePublic": "2023-05-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download complete database backups by accessing predictable file paths. Attackers can enumerate backup directories through configuration files and complete logs, then construct direct download URLs to retrieve sensitive backup archives containing full database dumps."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-15T01:24:57.710Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-51445",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/51445"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://backupbliss.com/"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://downloads.wordpress.org/plugin/backup-backup.1.2.8.zip"
},
{
"name": "VulnCheck Advisory: WordPress Plugin Backup Migration 1.2.8 Unauthenticated Database Backup Download",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/wordpress-plugin-backup-migration-unauthenticated-database-backup-download"
}
],
"title": "WordPress Plugin Backup Migration 1.2.8 Unauthenticated Database Backup Download",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2023-54346",
"datePublished": "2026-05-05T11:24:50.282Z",
"dateReserved": "2026-01-10T01:51:52.985Z",
"dateUpdated": "2026-07-15T01:24:57.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-46723 (GCVE-0-2023-46723)
Vulnerability from cvelistv5 – Published: 2023-10-31 15:34 – Updated: 2024-09-05 20:14- CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory
| URL | Tags |
|---|---|
| https://github.com/paijp/lte-pic32-writer/securit… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| paijp | lte-pic32-writer |
Affected:
<= 0.0.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/paijp/lte-pic32-writer/security/advisories/GHSA-9qgg-ph2v-v4mh",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/paijp/lte-pic32-writer/security/advisories/GHSA-9qgg-ph2v-v4mh"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46723",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T20:13:54.160029Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T20:14:13.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "lte-pic32-writer",
"vendor": "paijp",
"versions": [
{
"status": "affected",
"version": "\u003c= 0.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "lte-pic32-writer is a writer for PIC32 devices. In versions 0.0.1 and prior, those who use `sendto.txt` are vulnerable to attackers who known the IMEI reading the sendto.txt. The sendto.txt file can contain the SNS(such as slack and zulip) URL and API key. As of time of publication, a patch is not yet available. As workarounds, avoid using `sendto.txt` or use `.htaccess` to block access to `sendto.txt`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-31T15:34:44.646Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/paijp/lte-pic32-writer/security/advisories/GHSA-9qgg-ph2v-v4mh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/paijp/lte-pic32-writer/security/advisories/GHSA-9qgg-ph2v-v4mh"
}
],
"source": {
"advisory": "GHSA-9qgg-ph2v-v4mh",
"discovery": "UNKNOWN"
},
"title": "lte-pic32-writer\u0027s sendto.txt may disclose URL and the API key"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46723",
"datePublished": "2023-10-31T15:34:44.646Z",
"dateReserved": "2023-10-25T14:30:33.750Z",
"dateUpdated": "2024-09-05T20:14:13.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38558 (GCVE-0-2023-38558)
Vulnerability from cvelistv5 – Published: 2023-09-14 10:39 – Updated: 2025-02-27 20:50- CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | SIMATIC PCS neo (Administration Console) V4.0 |
Affected:
All versions
|
|
| Siemens | SIMATIC PCS neo (Administration Console) V4.0 Update 1 |
Affected:
All versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.344Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-646240.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38558",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:49:33.029526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-27T20:50:18.770Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS neo (Administration Console) V4.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS neo (Administration Console) V4.0 Update 1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-14T10:39:29.769Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-646240.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38558",
"datePublished": "2023-09-14T10:39:29.769Z",
"dateReserved": "2023-07-20T08:17:26.143Z",
"dateUpdated": "2025-02-27T20:50:18.770Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28444 (GCVE-0-2023-28444)
Vulnerability from cvelistv5 – Published: 2023-03-24 19:58 – Updated: 2025-02-24 19:37| URL | Tags |
|---|---|
| https://github.com/kyubisation/angular-server-sid… | x_refsource_CONFIRM |
| https://github.com/kyubisation/angular-server-sid… | x_refsource_MISC |
| https://github.com/kyubisation/angular-server-sid… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| kyubisation | angular-server-side-configuration |
Affected:
>= 15.0.0, < 15.1.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/kyubisation/angular-server-side-configuration/security/advisories/GHSA-gwvm-vrp4-4pp5",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/kyubisation/angular-server-side-configuration/security/advisories/GHSA-gwvm-vrp4-4pp5"
},
{
"name": "https://github.com/kyubisation/angular-server-side-configuration/commit/d701f51260637a84ede278e248934e0437a7ff86",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kyubisation/angular-server-side-configuration/commit/d701f51260637a84ede278e248934e0437a7ff86"
},
{
"name": "https://github.com/kyubisation/angular-server-side-configuration/releases/tag/v15.1.0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kyubisation/angular-server-side-configuration/releases/tag/v15.1.0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28444",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-24T19:36:42.891510Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-24T19:37:02.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "angular-server-side-configuration",
"vendor": "kyubisation",
"versions": [
{
"status": "affected",
"version": "\u003e= 15.0.0, \u003c 15.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript (.ts) files during build time of an Angular CLI project. The detected environment variables are written to a ngssc.json file in the output directory.\nDuring deployment of an Angular based app, the environment variables based on the variables from ngssc.json are inserted into the apps index.html (or defined index file). With version 15.0.0 the environment variable detection was widened to the entire project, relative to the angular.json file from the Angular CLI. In a monorepo setup, this could lead to environment variables intended for a backend/service to be detected and written to the ngssc.json, which would then be populated and exposed via index.html. This has NO IMPACT, in a plain Angular project that has no backend component. This vulnerability has been mitigated in version 15.1.0, by adding an option `searchPattern` which restricts the detection file range by default. As a workaround, manually edit or create ngssc.json or run script after ngssc.json generation.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-24T19:58:59.998Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/kyubisation/angular-server-side-configuration/security/advisories/GHSA-gwvm-vrp4-4pp5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kyubisation/angular-server-side-configuration/security/advisories/GHSA-gwvm-vrp4-4pp5"
},
{
"name": "https://github.com/kyubisation/angular-server-side-configuration/commit/d701f51260637a84ede278e248934e0437a7ff86",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kyubisation/angular-server-side-configuration/commit/d701f51260637a84ede278e248934e0437a7ff86"
},
{
"name": "https://github.com/kyubisation/angular-server-side-configuration/releases/tag/v15.1.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kyubisation/angular-server-side-configuration/releases/tag/v15.1.0"
}
],
"source": {
"advisory": "GHSA-gwvm-vrp4-4pp5",
"discovery": "UNKNOWN"
},
"title": "angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-28444",
"datePublished": "2023-03-24T19:58:59.998Z",
"dateReserved": "2023-03-15T15:59:10.056Z",
"dateUpdated": "2025-02-24T19:37:02.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-7062 (GCVE-0-2023-7062)
Vulnerability from cvelistv5 – Published: 2024-07-10 02:02 – Updated: 2026-04-08 17:05- CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory
| Vendor | Product | Version | |
|---|---|---|---|
| Advanced File Manager | Advanced File Manager Shortcodes |
Affected:
0 , ≤ 2.4
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-7062",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T14:05:13.276654Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T14:05:24.745Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:50:07.902Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8bf009f5-cf9e-4d38-9679-d3abb5817d30?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://advancedfilemanager.com/product/file-manager-advanced-shortcode-wordpress/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Advanced File Manager Shortcodes",
"vendor": "Advanced File Manager",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Colin Xu"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4. This makes it possible for attackers with contributor access or higher to read the contents of arbitrary files on the server, which can contain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:05:55.482Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8bf009f5-cf9e-4d38-9679-d3abb5817d30?source=cve"
},
{
"url": "https://advancedfilemanager.com/product/file-manager-advanced-shortcode-wordpress/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-08T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Advanced File Manager Shortcodes \u003c= 2.4 - Authenticated (Contributor+) Directory Traversal"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-7062",
"datePublished": "2024-07-10T02:02:46.771Z",
"dateReserved": "2023-12-21T17:26:28.697Z",
"dateUpdated": "2026-04-08T17:05:55.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-5937 (GCVE-0-2023-5937)
Vulnerability from cvelistv5 – Published: 2024-05-15 16:06 – Updated: 2024-09-20 18:23- CWE-538 - Insertion of Sensitive Information into Externally-Accessible File or Directory
| Vendor | Product | Version | |
|---|---|---|---|
| Nozomi Networks | Arc |
Affected:
0 , < 1.6.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5937",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T17:48:53.485468Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T18:23:17.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:14:25.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.nozominetworks.com/NN-2023:15-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Arc",
"vendor": "Nozomi Networks",
"versions": [
{
"lessThan": "1.6.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "This issue was found by Diego Giubertoni, Gabriele Quagliarella of Nozomi Networks Security Research team during an internal penetration testing session."
}
],
"datePublic": "2024-05-15T16:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003eOn Windows systems, the Arc configuration files resulted to be world-readable.\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003eThis can lead to information disclosure by local attackers, via exfiltration of sensitive data from configuration files.\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "On Windows systems, the Arc configuration files resulted to be world-readable.\n\n\n\nThis can lead to information disclosure by local attackers, via exfiltration of sensitive data from configuration files."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T11:43:37.667Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:15-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003eUpgrade to v1.6.0 or later.\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "Upgrade to v1.6.0 or later."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2023-5937",
"datePublished": "2024-05-15T16:06:52.478Z",
"dateReserved": "2023-11-02T15:59:51.613Z",
"dateUpdated": "2024-09-20T18:23:17.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Do not expose file and directory information to the user.
CAPEC-95: WSDL Scanning
This attack targets the WSDL interface made available by a web service. The attacker may scan the WSDL interface to reveal sensitive information about invocation patterns, underlying technology implementations and associated vulnerabilities. This type of probing is carried out to perform more serious attacks (e.g. parameter tampering, malicious content injection, command injection, etc.). WSDL files provide detailed information about the services ports and bindings available to consumers. For instance, the attacker can submit special characters or malicious content to the Web service and can cause a denial of service condition or illegal access to database records. In addition, the attacker may try to guess other private methods by using the information provided in the WSDL files.