CWE-1230: Exposure of Sensitive Information Through Metadata
The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information.
Last updated
Overview
Developers might correctly prevent unauthorized access to a database or other resource containing sensitive information, but they might not consider that portions of the original information might also be recorded in metadata, search indices, statistical reports, or other resources. If these resources are not also restricted, then attackers might be able to extract some or all of the original information, or otherwise infer some details. For example, an attacker could specify search terms that are known to be unique to a particular person, or view metadata such as activity or creation dates in order to identify usage patterns.
Real-world CVEs
24 recorded CVEs are caused by CWE-1230 (Exposure of Sensitive Information Through Metadata). The highest-severity and most recent are shown first. 6 new CWE-1230 CVEs have been recorded so far in 2026 (12 in 2025).
- CVE-2024-9099High · CVSS 8.1 · EPSS 42th2025-03-20
- CVE-2025-47324
Exposure of Sensitive Information Through Metadata in Powerline Communication Firmware
High · CVSS 7.5 · EPSS 8th2025-08-06 - CVE-2025-0330
Exposure of Sensitive Information in berriai/litellm
High · CVSS 7.5 · EPSS 41th2025-03-20 - CVE-2024-53291High · CVSS 7.5 · EPSS 22th2024-12-25
- CVE-2025-30038
Session ID leakage in Zone.Identifier of downloaded files
High · CVSS 7.3 · EPSS 5th2025-08-27 - CVE-2024-47517Medium · CVSS 6.8 · EPSS 32th2025-01-10
- CVE-2025-59601
Exposure of Sensitive Information Through Metadata in Powerline Communication Firmware
Medium · CVSS 6.5 · EPSS 1th2026-06-01 - CVE-2024-9447Medium · CVSS 6.5 · EPSS 43th2025-03-20
- CVE-2023-1974Medium · CVSS 6.5 · EPSS 45th2023-04-11
- CVE-2025-13084
Opto 22 groov View Exposure of Sensitive Information Through Metadata
Medium · CVSS 6.1 · EPSS 15th2025-11-26 - CVE-2026-49270
Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Durable Subscription Disclosure via Crafted BrokerInfo (OpenWire)
Medium · CVSS 5.9 · EPSS 25th2026-06-01 - CVE-2026-29055
Tandoor Recipes: WebP and GIF Image Uploads Bypass EXIF/Metadata Stripping, Leaking GPS Coordinates and PII
Medium · CVSS 5.3 · EPSS 23th2026-03-26
Showing 12 of 24 recorded CWE-1230 CVEs. Track new ones as they are published and get AI-written analysis and fixes.
Monitor CWE-1230 vulnerabilitiesCommon consequences
What can happen when CWE-1230 is exploited.
Read Application Data
Affects: Confidentiality
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
Frequently asked questions
Common questions about CWE-1230.
- What is CWE-1230?
- The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information.
- What CVEs are caused by CWE-1230?
- 24 recorded CVEs are attributed to CWE-1230, including CVE-2024-9099, CVE-2025-47324, CVE-2025-0330.
- What are the consequences of CWE-1230?
- Exploiting CWE-1230 can lead to: Read Application Data.
- Is CWE-1230 actively exploited?
- 24 recorded CVEs are caused by CWE-1230; none are currently in CISA's KEV catalog of actively exploited flaws.
References
- MITRE CWE definition (CWE-1230) (opens in a new tab)
- CWE-1230 vulnerabilities on NVD (opens in a new tab)
- Learn: What is a CWE?
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.
Stay ahead of CWE-1230
Get alerted the moment a new CWE-1230 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.