CWE-311

High likelihood

Missing Encryption of Sensitive Data

Parent: CWE-693 - Protection Mechanism Failure

The product does not encrypt sensitive or critical information before storage or transmission.

508 vulnerabilities with CWE-311
CVE-2019-11523 CRITICAL
Anviz Global M3 Outdoor RFID Access Control - Command Injection
CVSS 9.8
CVE-2019-7311 HIGH
Linksys WRT1900ACS 1.0.3.187766 - Info Disclosure
CVSS 7.8
CVE-2019-11367 CRITICAL
AUO Solar Data Recorder <1.3.0 - Auth Bypass
CVSS 9.8
CVE-2019-10139 HIGH
cockpit-ovirt - Insufficiently Protected Credentials via Plain-Text Password Storage
CVSS 7.8
CVE-2019-11836 MEDIUM
Rediffmail 2.2.6 - Unprotected Sensitive Data Exposure via Cleartext File Storage
CVSS 4.6
CVE-2019-1692 MEDIUM
Cisco Application Policy Infrastructure Controller - Unauthenticated Sensitive Information Exposure via Web Interface
CVSS 5.3
CVE-2019-1589 MEDIUM
Cisco NX-OS - Unauthenticated Exposure of Sensitive Information via TPM Disk Encryption Keys
CVSS 4.6
CVE-2019-11405 HIGH
OpenAPI Generator < 4.0.0-20190419.052012-560 - Insecure Dependency Resolution via HTTP URLs
CVSS 8.1
CVE-2019-11404 HIGH
arrow-kt Arrow < 0.9.0 - Missing Encryption of Sensitive Data via HTTP Artifact Resolution
CVSS 8.1
CVE-2019-6526 CRITICAL
Moxa IKS-G6824A < 4.5, EDS-405A < 3.8, EDS-408A < 3.8, EDS-510A < 3.8 - Cleartext Transmission of Sensitive Information
CVSS 9.8
CVE-2019-1573 LOW
GlobalProtect Agent <4.1.10 - Privilege Escalation
CVSS 2.5
CVE-2019-1003095 MEDIUM
Jenkins Perfecto Mobile Plugin - Info Disclosure
CVSS 6.5
CVE-2019-1003094 MEDIUM
Jenkins Open STF Plugin - Info Disclosure
CVSS 6.5
CVE-2019-1003089 MEDIUM
Jenkins Upload to pgyer Plugin - Info Disclosure
CVSS 6.5
CVE-2019-1003088 MEDIUM
Jenkins Fabric Beta Publisher Plugin - Info Disclosure
CVSS 6.5
CVE-2019-1003075 HIGH
Jenkins Audit to Database Plugin - Info Disclosure
CVSS 8.8
CVE-2019-1003074 HIGH
Jenkins Hyper.sh Commons Plugin - Info Disclosure
CVSS 8.8
CVE-2019-1003073 HIGH
Jenkins VS Team Services CD Plugin - Info Disclosure
CVSS 8.8
CVE-2019-1003072 HIGH
Jenkins WildFly Deployer Plugin - Info Disclosure
CVSS 8.8
CVE-2019-1003071 HIGH
Jenkins OctopusDeploy Plugin - Info Disclosure
CVSS 8.8
CVE-2019-1003070 HIGH
Jenkins veracode-scanner Plugin - Info Disclosure
CVSS 8.8
CVE-2019-1003069 HIGH
Jenkins Aqua Security Scanner Plugin - Info Disclosure
CVSS 8.8
CVE-2019-1003068 HIGH
Jenkins VMware vRealize Automation Plugin - Info Disclosure
CVSS 8.8
CVE-2019-1003067 HIGH
Jenkins Trac Publisher Plugin - Info Disclosure
CVSS 8.8
CVE-2019-1003066 HIGH
Jenkins Bugzilla Plugin - Info Disclosure
CVSS 8.8
Details
Vulnerabilities 508
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits