CWE-200 - CERT CVE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CAPEC ID Naziv
CAPEC-116 Excavation
CAPEC-13 Subverting Environment Variable Values
CAPEC-169 Footprinting
CAPEC-22 Exploiting Trust in Client
CAPEC-224 Fingerprinting
CAPEC-285 ICMP Echo Request Ping
CAPEC-287 TCP SYN Scan
CAPEC-290 Enumerate Mail Exchange (MX) Records
CAPEC-291 DNS Zone Transfers
CAPEC-292 Host Discovery
CAPEC-293 Traceroute Route Enumeration
CAPEC-294 ICMP Address Mask Request
CAPEC-295 Timestamp Request
CAPEC-296 ICMP Information Request
CAPEC-297 TCP ACK Ping
CAPEC-298 UDP Ping
CAPEC-299 TCP SYN Ping
CAPEC-300 Port Scanning
CAPEC-301 TCP Connect Scan
CAPEC-302 TCP FIN Scan
CAPEC-303 TCP Xmas Scan
CAPEC-304 TCP Null Scan
CAPEC-305 TCP ACK Scan
CAPEC-306 TCP Window Scan
CAPEC-307 TCP RPC Scan
CAPEC-308 UDP Scan
CAPEC-309 Network Topology Mapping
CAPEC-310 Scanning for Vulnerable Software
CAPEC-312 Active OS Fingerprinting
CAPEC-313 Passive OS Fingerprinting
CAPEC-317 IP ID Sequencing Probe
CAPEC-318 IP 'ID' Echoed Byte-Order Probe
CAPEC-319 IP (DF) 'Don't Fragment Bit' Echoing Probe
CAPEC-320 TCP Timestamp Probe
CAPEC-321 TCP Sequence Number Probe
CAPEC-322 TCP (ISN) Greatest Common Divisor Probe
CAPEC-323 TCP (ISN) Counter Rate Probe
CAPEC-324 TCP (ISN) Sequence Predictability Probe
CAPEC-325 TCP Congestion Control Flag (ECN) Probe
CAPEC-326 TCP Initial Window Size Probe
CAPEC-327 TCP Options Probe
CAPEC-328 TCP 'RST' Flag Checksum Probe
CAPEC-329 ICMP Error Message Quoting Probe
CAPEC-330 ICMP Error Message Echoing Integrity Probe
CAPEC-472 Browser Fingerprinting
CAPEC-497 File Discovery
CAPEC-508 Shoulder Surfing
CAPEC-573 Process Footprinting
CAPEC-574 Services Footprinting
CAPEC-575 Account Footprinting
CAPEC-576 Group Permission Footprinting
CAPEC-577 Owner Footprinting
CAPEC-59 Session Credential Falsification through Prediction
CAPEC-60 Reusing Session IDs (aka Session Replay)
CAPEC-616 Establish Rogue Location
CAPEC-643 Identify Shared Files/Directories on System
CAPEC-646 Peripheral Footprinting
CAPEC-651 Eavesdropping
CAPEC-79 Using Slashes in Alternate Encoding