CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

882 vulnerabilities with CWE-319
CVE-2023-30841 MEDIUM
Baremetal Operator < 0.3.0 - Cleartext Transmission of Sensitive Information via ConfigMap Storage
CVSS 6.0
CVE-2023-1831 HIGH
Mattermost < 7.7.3 - Sensitive Information Exposure in Audit Logs
CVSS 7.2
CVE-2023-30515 HIGH
Jenkins Thycotic DevOps Secrets Vault Plugin < 1.0.0 - Cleartext Transmission of Sensitive Information in Build Log
CVSS 7.5
CVE-2023-30514 HIGH
Jenkins Azure Key Vault Plugin < 187.va_cd5fecd198a - Credential Exposure in Build Log
CVSS 7.5
CVE-2023-30513 HIGH
Jenkins Kubernetes Plugin < 3909.v1f2c633e8590 - Cleartext Transmission of Sensitive Information in Build Log
CVSS 7.5
CVE-2023-1802 MEDIUM
Docker Desktop 4.17.x - Info Disclosure
CVSS 5.9
CVE-2023-0922 MEDIUM
Samba >=4.0.0 <4.16.10 - Cleartext Transmission of Sensitive Information via LDAP Password Operations
CVSS 5.9
CVE-2023-1656 HIGH
ForgeRock Inc. OpenIDM <1.5.20.13 - Info Disclosure
CVSS 7.5
CVE-2023-27927 MEDIUM
sauter-controls ey-as525f001_firmware - Authenticated Cleartext Transmission of SMTP Password
CVSS 6.5
CVE-2023-0053 HIGH
SAUTER Controls Nova 200-220 - Info Disclosure
CVSS 7.5
CVE-2023-23915 MEDIUM
curl 7.77.0-7.87.0 - Cleartext Transmission of Sensitive Information via HSTS Cache Overwrite
CVSS 6.5
CVE-2023-23914 CRITICAL
curl < 7.88.0 - Cleartext Transmission of Sensitive Information via HSTS State Mismanagement
CVSS 9.1
CVE-2023-22806 HIGH
LS ELECTRIC XBC-DN32U 01.80 - Cleartext Transmission of Sensitive Information via XGT Protocol
CVSS 7.5
CVE-2023-0001 MEDIUM
Palo Alto Networks Cortex XDR < - Info Disclosure
CVSS 6.0
CVE-2023-25016 HIGH
Couchbase Server < 6.6.6, 7.x < 7.0.5, 7.1.x < 7.1.2 - Cleartext Transmission of Sensitive Information
CVSS 7.5
CVE-2023-23130 MEDIUM
Connectwise Automate 2022.11 - Cleartext Transmission of Sensitive Information
CVSS 5.9
CVE-2023-24440 MEDIUM
Jenkins JIRA Pipeline Steps Plugin <2.0.165.v8846cf59f3db - Info Di...
CVSS 5.5
CVE-2023-22863 MEDIUM
IBM Robotic Process Automation 20.12.0-21.0.2 - Cleartext Transmission of Sensitive Information via Default HTTP
CVSS 5.9
CVE-2023-22597 MEDIUM
InRouter 302 < 3.5.56 & InRouter 615 < 2.3.0.r5542 - Cleartext Sensitive Data via Cloud
CVSS 6.5
CVE-2023-0055 MEDIUM
pyload <0.5.0b3.dev32 - Info Disclosure
CVSS 5.3
CVE-2022-41545 MEDIUM
Netgear C7800 Router <6.01.07 - Info Disclosure
CVSS 6.4
CVE-2022-32510 HIGH
Nuki Home Solutions - Unencrypted Channel
CVSS 7.1
CVE-2022-22385 MEDIUM
IBM Security Verify Privilege On-Premises <11.5 - Info Disclosure
CVSS 5.9
CVE-2022-47892 MEDIUM
NetMan 204 Firmware - Unauthenticated Sensitive Information Exposure via config.cgi
CVSS 5.3
CVE-2022-47560 MEDIUM
Ormazabal ekorRCI and ekorCCP Firmware - Cleartext Transmission of Sensitive Information
CVSS 5.7
Details
Vulnerabilities 882
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits