CVE-2021-20455

LOW Year: 2021
CVSS v3 Score
3.7
Low
Weakness Type
CWE-209
View all →

Vulnerability Description

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

Related Vulnerabilities

CVE-2018-17891

LOW
CVSS:3.7(Low)

Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5. When contacting a Carestream server where there is no Oracle TNS listener available, users ...

CWE-2092018

CVE-2019-4570

LOW
CVSS:3.7(Low)

IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 166720.

CWE-2092019

CVE-2024-35232

LOW
CVSS:3.7(Low)

github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP re...

CWE-2092024

CVE-2025-41441

MEDIUM
CVSS:3.7(Low)

Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects pro...

CWE-2092025

CVE-2020-16128

LOW
CVSS:3.8(Low)

The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubuntu...

CWE-2092020

CVE-2024-6984

LOW
CVSS:3.8(Low)

An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local cha...

CWE-2092024