Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-311

CWE-311

High likelihood

Missing Encryption of Sensitive Data

Parent: CWE-693 - Protection Mechanism Failure

The product does not encrypt sensitive or critical information before storage or transmission.

508 vulnerabilities with CWE-311

CVE-2024-20515 MEDIUM

Cisco Identity Services Engine - Authenticated Sensitive Information Disclosure via Web Management Interface

CVE-2024-42495 MEDIUM

Unencrypted Protocol - Info Disclosure

CVE-2024-20503 MEDIUM

Cisco Duo Epic for Hyperdrive - Info Disclosure

CVE-2024-42657 HIGH

Wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 - Info Disclosure

CVE-2024-40620 HIGH

Rockwell Automation Pavilion8 - Missing Encryption of Sensitive Data

CVE-2024-7396 HIGH

Korenix JetPort 5601v3 - Info Disclosure

CVE-2024-23444 MEDIUM

Elasticsearch 7.0.0-7.17.22 & 8.0.0-alpha1-8.12.4 - Unencrypted Private Key Storage

CVE-2024-41124 MEDIUM

Puncia < 0.21 - Missing Encryption of Sensitive Data via HTTP API_URLs

CVE-2024-38302 MEDIUM

Dell Data Lakehouse <1.0.0.0 - Info Disclosure

CVE-2024-5731 MEDIUM

Trellix Intrusion Prevention System (IPS) Manager - Sensitive Information Exposure via Request Parameter Manipulation

CVE-2024-38283 MEDIUM

Motorola Solutions Vigilant Fixed LPR Coms Box < 3.1.171.9 - Unprotected Sensitive Data Storage

CVE-2024-35061 HIGH

NASA AIT-Core < 2.5.2 - Missing Encryption of Sensitive Data

CVE-2024-27106 MEDIUM

GE HealthCare EchoPAC - Info Disclosure

CVE-2024-25027 MEDIUM

IBM Security Verify Access <10.0.6 - Info Disclosure

CVE-2024-28250 MEDIUM

Cilium 1.14.0-1.14.7 - Cleartext Transmission of Sensitive Information via WireGuard Traffic

CVE-2024-28249 MEDIUM

Cilium < 1.13.13, 1.14.0-1.14.8, 1.15.0-1.15.2 - Cleartext Transmission of Sensitive Information via IPsec Traffic

CVE-2024-29151 CRITICAL

Rocket.Chat.Audit <5ad78e8 - Info Disclosure

CVE-2024-25631 MEDIUM

Cilium 1.14.0-1.14.6 - Cleartext Transmission of Sensitive Information via Wireguard Encryption

CVE-2024-25630 MEDIUM

Cilium 1.14.0-1.14.6 - Cleartext Transmission of Sensitive Information in Wireguard Encryption

CVE-2024-24768 MEDIUM

1Panel < 1.9.6 - Cleartext Storage of Sensitive Information in Cookie

CVE-2023-37405 MEDIUM

IBM Cloud Pak System 2.3.3.0-2.3.4.1 - Sensitive Data Exposure via Unencrypted Memory Storage

CVE-2023-52950 MEDIUM

Synology Active Backup for Business Agent < 2.7.0-3221 - Missing Encryption of Sensitive Data in Login Component

CVE-2023-52948 MEDIUM

Synology Active Backup for Business Agent < 2.7.0-3221 - Missing Encryption of Sensitive Data in Settings Functionality

CVE-2023-49927 MEDIUM

Samsung Mobile Processor - Info Disclosure

CVE-2023-35888 MEDIUM

IBM Security Verify Governance 10.0.2 - Sensitive Information Exposure via Missing HSTS Enforcement

Previous Page 3 of 21 Next

Details

Vulnerabilities 508

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy