CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

882 vulnerabilities with CWE-319
CVE-2024-41262 HIGH
immudb 1.9.3 - Cleartext Transmission of Sensitive Information via ShowMetricsRaw and ShowMetricsAsText Functions
CVSS 7.4
CVE-2024-41687 HIGH
SyroTech SY-GPON-1110-WDONT Firmware - Cleartext Transmission of Sensitive Information via HTTP Session
CVSS 7.5
CVE-2024-6972 MEDIUM
Octopus Server 2024.1.437-2024.1.12759 - Cleartext Transmission of Sensitive Information in Task Log
CVSS 6.5
CVE-2024-41124 MEDIUM
Puncia < 0.21 - Missing Encryption of Sensitive Data via HTTP API_URLs
CVSS 6.3
CVE-2024-5631 MEDIUM
Longse NVR3608PGE2W and Zamel ZMB-01 - Cleartext Transmission of Sensitive Information
CVE-2024-6388 MEDIUM
Ubuntu Advantage Desktop Daemon <1.12 - Info Disclosure
CVSS 5.9
CVE-2024-37183 MEDIUM
Westermo L210-F2G Firmware - Cleartext Transmission of Sensitive Information
CVSS 5.7
CVE-2024-0066 MEDIUM
AXIS OS - Cleartext Transmission of Sensitive Information via O3C Feature
CVSS 5.3
CVE-2024-27166 HIGH
Toshiba Tec e-Studio multi-function peripheral (MFP) - Plaintext Password Exposure via Coredump Permissions
CVSS 7.4
CVE-2024-27163 MEDIUM
Toshiba Tec e-Studio MFP - Cleartext Transmission of Sensitive Information via Internal API
CVSS 6.5
CVE-2024-35210 MEDIUM
SINEC Traffic Analyzer < 1.2 - Cleartext Transmission of Sensitive Information via Missing HSTS Enforcement
CVSS 5.1
CVE-2024-37393 HIGH
SecurEnvoy MFA < 9.4.514 - Unauthenticated LDAP Injection via DESKTOP Service
CVSS 7.5
CVE-2024-37163 MEDIUM
SkyScraper 1.0.0 - Cleartext Transmission of Sensitive Information via Unsecured HTTP Requests
CVSS 6.4
CVE-2024-36426 HIGH
TARGIT Decision Suite <23.2.15007.0 - Info Disclosure
CVSS 7.5
CVE-2024-35060 HIGH
NASA AIT-Core < 2.5.2 - Remote Code Execution via Crafted YAML File
CVSS 7.5
CVE-2024-35059 HIGH
NASA AIT-Core < 2.5.2 - Remote Code Execution via Pickle Deserialization
CVSS 7.5
CVE-2024-35058 HIGH
NASA AIT-Core < 2.5.2 - Remote Code Execution via API Wait Function
CVSS 7.5
CVE-2024-35057 HIGH
NASA AIT-Core < 2.5.2 - Remote Code Execution via Crafted Packet
CVSS 7.5
CVE-2024-31840 MEDIUM
Italtel Embrace 1.6.4 - Info Disclosure
CVSS 6.5
CVE-2024-30209 CRITICAL
SIMATIC RTLS Locating Manager -<V3.0.1.1 - Info Disclosure
CVSS 9.6
CVE-2024-28134 HIGH
CHARX SEC-3000/3050/3100/3150 Firmware < 1.5.1 - Unauthenticated Cleartext Transmission of Sensitive Information
CVSS 7.0
CVE-2024-0098 MEDIUM
NVIDIA ChatRTX < 0.3 - Cleartext Transmission of Sensitive Information
CVSS 5.5
CVE-2024-1657 HIGH
Red Hat Ansible Automation Platform 2.4 for RHEL 8/9 - Cleartext Transmission of Sensitive Information via WebSocket
CVSS 8.1
CVE-2024-4161 HIGH
Brocade SANnav < 2.3.0 - Unauthenticated Cleartext Transmission of Sensitive Information via Syslog
CVSS 8.6
CVE-2024-31206 HIGH
dectalk-tts <1.0.1 - Info Disclosure
CVSS 8.2
Details
Vulnerabilities 882
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits