CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

882 vulnerabilities with CWE-319
CVE-2022-28861 MEDIUM
Citilog 8.0 - Cleartext Transmission of FTP Credentials via HTTP Traffic
CVSS 5.9
CVE-2022-34804 MEDIUM
Jenkins OpsGenie Plugin < 1.9 - Cleartext Transmission of Sensitive Information via Configuration Forms
CVSS 4.3
CVE-2022-34801 MEDIUM
Jenkins Build Notifications Plugin < 1.5.0 - Cleartext Transmission of Sensitive Tokens
CVSS 4.3
CVE-2022-29519 HIGH
Yokogawa STARDOM FCN and FCJ Firmware R1.01-R4.31 - Cleartext Transmission of Sensitive Information
CVSS 7.5
CVE-2022-21829 CRITICAL
Concrete CMS <8.5.8 and 9.0.0-9.0.2 - Remote Code Execution via Insecure HTTP Zip Download
CVSS 9.8
CVE-2022-1524 HIGH
illumina local_run_manager < 3.1 - Cleartext Transmission of Sensitive Information
CVSS 7.4
CVE-2022-21184 MEDIUM
atvise 3.5.4-3.7 - Cleartext Transmission of Sensitive Information via License Registration
CVSS 5.9
CVE-2022-31046 MEDIUM
TYPO3 <7.6.57 ELTS, <8.7.47 ELTS, <9.5.34 ELTS, <10.4.29, <11.5.11 ...
CVSS 4.3
CVE-2022-25805 MEDIUM
IGEL Universal Management Suite 6.07.100 - Cleartext LDAP Credential Transmission
CVSS 6.5
CVE-2022-30115 MEDIUM
curl 7.82.0-7.83.0 - Cleartext Transmission of Sensitive Information via HSTS Bypass
CVSS 4.3
CVE-2022-29733 MEDIUM
Delta Controls enteliTOUCH 3.40.3935 3.40.3706 3.33.4005 - Cleartext Transmission of Sensitive Information
CVSS 5.9
CVE-2022-26077 HIGH
Open Automation Software OAS Platform <16.00.0112 - Info Disclosure
CVSS 7.5
CVE-2022-21951 MEDIUM
SUSE Rancher <2.5.14, <2.6.5 - Info Disclosure
CVSS 6.8
CVE-2022-29874 HIGH
Siemens 7kg8500-0aa00-0aa0 Firmware < 3.00 - Cleartext Transmission
CVSS 8.8
CVE-2022-30994 HIGH
Acronis Cyber Protect <15 - Info Disclosure
CVSS 7.5
CVE-2022-30993 HIGH
Acronis Cyber Protect <15 - Info Disclosure
CVSS 7.5
CVE-2022-0005 LOW
Intel Celeron and Core i3 Firmware - Sensitive Information Disclosure via JTAG Interface
CVSS 2.4
CVE-2022-29945 MEDIUM
DJI Drone Firmware - Unencrypted Location Data Transmission via AeroScope Protocol
CVSS 4.0
CVE-2022-24978 HIGH
ManageEngine ADAudit Plus < 7055 - Authenticated Privilege Escalation via Cleartext Password Exposure
CVSS 8.8
CVE-2022-0988 HIGH
Delta Electronics DIAEnergie <= 1.7.5 - Cleartext Transmission of Sensitive Information
CVSS 7.1
CVE-2022-21798 HIGH
GE CIMPLICITY - Cleartext Transmission of Sensitive Information
CVSS 7.5
CVE-2022-25180 MEDIUM
Jenkins Pipeline < 2648.va9433432b33c - Cleartext Transmission of Sensitive Information via Replayed Builds
CVSS 4.3
CVE-2022-0162 HIGH
TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n - Info Disclosure
CVSS 8.4
CVE-2022-23105 MEDIUM
Jenkins Active Directory Plugin < 2.25 - Cleartext Transmission of Sensitive Information
CVSS 6.5
CVE-2021-39081 MEDIUM
IBM Cognos Analytics Mobile for Android 1.1.14 - Cleartext Transmission of Sensitive Information
CVSS 5.9
Details
Vulnerabilities 882
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits