CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

882 vulnerabilities with CWE-319
CVE-2022-3261 MEDIUM
Red Hat OpenStack Platform - Cleartext Transmission of Sensitive Information in /var/log/messages
CVSS 4.4
CVE-2022-41327 HIGH
Fortinet FortiOS <7.2.4, FortiProxy <7.2.1 - Info Disclosure
CVSS 7.8
CVE-2022-46680 HIGH
PowerLogic ION9000, ION7400, PM8000, ION8650, ION8800 Firmware < 4.0.0 - Cleartext Transmission of Sensitive Information
CVSS 8.8
CVE-2022-38458 MEDIUM
Netgear Orbi Router RBR750 4.6.8.5 - Info Disclosure
CVSS 6.5
CVE-2022-32906 MEDIUM
Apple Music < 3.9.10 - Cleartext Transmission of Sensitive Information
CVSS 5.3
CVE-2022-45546 HIGH
ScreenCheck BadgeMaker 2.6.2.0 - Cleartext Transmission of Sensitive Information in Authentication Component
CVSS 7.5
CVE-2022-40693 HIGH
Moxa SDS-3008 Series < 2.1 - Cleartext Transmission of Sensitive Information via Web Application
CVSS 7.5
CVE-2022-47714 CRITICAL
Last Yard 22.09.8-1 - Cleartext Transmission of Sensitive Information
CVSS 9.8
CVE-2022-0553 MEDIUM
Zephyr < 3.0.0 - Cleartext Transmission of Sensitive Information via Unencrypted Firmware Upload
CVSS 6.5
CVE-2022-23509 HIGH
Weave GitOps < 0.12.0 - Cleartext Transmission of Sensitive Information via Local S3 Bucket
CVSS 7.3
CVE-2022-3929 HIGH
HitachiEnergy FOXMAN-UN and UNEM - Cleartext Transmission of Sensitive Information via CORBA
CVSS 8.3
CVE-2022-43551 HIGH
curl < 7.87.0 - Cleartext Transmission of Sensitive Information via HSTS Bypass
CVSS 7.5
CVE-2022-22457 MEDIUM
IBM Security Verify Governance 10.0.1 - Cleartext Transmission of Sensitive Information
CVSS 5.3
CVE-2022-22758 HIGH
Firefox < 97.0 - Cleartext Transmission of Sensitive Information via USSD Code Injection in tel: Links
CVSS 8.8
CVE-2022-47895 MEDIUM
JetBrains IntelliJ IDEA < 2022.3.1 - Cleartext Transmission of Sensitive Information via JSP File Validation
CVSS 4.7
CVE-2022-42454 MEDIUM
HCL BigFix Insights for Vulnerability Remediation < 2.0 - Cleartext Transmission of Sensitive Information
CVSS 6.4
CVE-2022-43724 CRITICAL
SICAM PAS/PQS < V7.0 - SQL Injection
CVSS 9.8
CVE-2022-46685 MEDIUM
Jenkins Gitea Plugin <1.4.4 - Info Disclosure
CVSS 4.3
CVE-2022-40939 MEDIUM
Secustation <various> - Info Disclosure
CVSS 4.9
CVE-2022-45877 HIGH
OpenHarmony 3.1-3.1.4 - Cleartext Transmission of Sensitive Information via Cross-Device Authentication
CVSS 8.3
CVE-2022-45478 MEDIUM
Telepad < 1.0.7 - Unauthenticated Cleartext Transmission of Sensitive Information
CVSS 5.9
CVE-2022-45483 MEDIUM
lazy_mouse < 2.0.1 - Unauthenticated Cleartext Transmission of Sensitive Information
CVSS 5.9
CVE-2022-45480 MEDIUM
PC Keyboard WiFi & Bluetooth < 30 - Cleartext Transmission of Sensitive Information
CVSS 5.9
CVE-2022-39339 MEDIUM
nextcloud/openid_connect_user_backend < 1.2.1 - Cleartext Transmission of Sensitive Information
CVSS 4.3
CVE-2022-44411 HIGH
Web Based Quiz System v1.0 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 882
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits