Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-311

CWE-311

High likelihood

Missing Encryption of Sensitive Data

Parent: CWE-693 - Protection Mechanism Failure

The product does not encrypt sensitive or critical information before storage or transmission.

508 vulnerabilities with CWE-311

CVE-2022-23116 HIGH

Jenkins Conjur Secrets Plugin < 1.0.9 - Sensitive Data Exposure via Agent Process Decryption

CVE-2021-39090 MEDIUM

IBM Cloud Pak for Security 1.10.0.0-1.10.6.0 - Cleartext Transmission of Sensitive Information via Missing HSTS

CVE-2021-4239 HIGH

Noise protocol - Cryptographic Weakness & DoS

CVE-2021-40642 MEDIUM

Textpattern CMS <4.8.7 - Info Disclosure

CVE-2021-40650 MEDIUM

Connx <6.2.0.1269 - Info Disclosure

CVE-2021-27783 MEDIUM

HCL BigFix Mobile - Unencrypted Sensitive Data Exposure in PPKG File

CVE-2021-27779 CRITICAL

VersionVault Express - Info Disclosure

CVE-2021-27764 HIGH

HCL BigFix WebUI - Insecure Cookie Permission Assignment

CVE-2021-37209 MEDIUM

Siemens RUGGEDCOM ROS - Inadequate Encryption Strength in SSH Server

CVE-2021-21963 MEDIUM

Sealevel SeaConnect 370W v1.3.34 - Information Disclosure via Man-in-the-Middle Attack

CVE-2021-37189 HIGH

Digi TransPort Gateway Firmware < 6.0.0.0 - Sensitive Cookie Information Disclosure via Missing Secure Attribute

CVE-2021-36189 MEDIUM

Fortinet FortiClientEMS <7.0.1 & <6.4.4 - Info Disclosure

CVE-2021-37050 HIGH

HarmonyOS < 2.0 - Missing Encryption of Sensitive Data

CVE-2021-38977 MEDIUM

IBM Tivoli Key Lifecycle Manager <4.1 - Open Redirect

CVE-2021-40366 HIGH

Climatix POL909 Firmware < 11.34 (AWM)/< 11.42 (AWB) Cleartext Transmission of Sensitive Info

CVE-2021-35236 LOW

Kiwi Syslog Server <9.7.2 - Info Disclosure

CVE-2021-29883 MEDIUM

IBM Transformation Extender Advanced 9.0.0.0-9.0.2.4 - Missing Encryption of Sensitive Data in Session Cookies

CVE-2021-28496 MEDIUM

Arista EOS 4.22-4.26.1 Authenticated Password Exposure via eAPI

CVE-2021-31386 MEDIUM

Juniper Networks Junos OS <12.3R12-S20, <15.1R7-S11, <18.3R3-S6, <1...

CVE-2021-3882 MEDIUM

LedgerSMB 1.8.0-1.8.21 - Sensitive Cookie Without 'Secure' Attribute

CVE-2021-41302 HIGH

ECOA BAS Controller - Unauthenticated Cleartext Storage of Sensitive Information in Backup Exports

CVE-2021-22932 HIGH

Citrix ShareFile storage zones controller < 5.11.19 - Missing Encryption of Sensitive Data via CTX269106 Mitigation Tool

CVE-2021-32001 MEDIUM

SUSE Rancher K3s and RKE2 - Unprotected Sensitive Data Exposure via Datastore Access

CVE-2021-33900 HIGH

Apache Directory Studio < 2.0.0.v20210717-M17 - Cleartext Transmission of Sensitive Information via StartTLS and SASL

CVE-2021-22782 MEDIUM

EcoStruxure Control Expert < 15.0 SP1, EcoStruxure Process Expert, RemoteConnect - Missing Encryption of Sensitive Data

Previous Page 7 of 21 Next

Details

Vulnerabilities 508

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy