CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

884 vulnerabilities with CWE-319
CVE-2020-2232 HIGH
Jenkins Email Ext <2.72-2.73 - Info Disclosure
CVSS 7.5
CVE-2020-9526 MEDIUM
CS2 Network P2P < 3.0.3a - Cleartext Transmission of Sensitive Information
CVSS 5.9
CVE-2020-15062 HIGH
DIGITUS DA-70254 - Privilege Escalation
CVSS 8.8
CVE-2020-15058 HIGH
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 - Cleartext Transmission of Sensitive Information via UDP
CVSS 8.8
CVE-2020-15054 HIGH
TP-Link USB Network Server TL-PS310U <2.079.000.t0210 - Privilege E...
CVSS 8.8
CVE-2020-15954 MEDIUM
KDE KMail 19.12.3 - Cleartext Transmission of Sensitive Information via POP3
CVSS 6.5
CVE-2020-12638 MEDIUM
Espressif ESP-IDF <4.2 - Auth Bypass
CVSS 6.8
CVE-2020-4397 MEDIUM
IBM Verify Gateway 1.0.0 and 1.0.1 - Cleartext Transmission of Sensitive Information
CVSS 5.9
CVE-2020-3442 MEDIUM
DuoConnect < 1.1.1 - Cleartext Transmission of Sensitive Information via HTTP Relay
CVSS 4.8
CVE-2020-7592 MEDIUM
SIMATIC HMI Panels and WinCC Runtime Advanced - Cleartext Transmission of Sensitive Information
CVSS 6.5
CVE-2020-14171 MEDIUM
Atlassian Bitbucket 4.9.0-7.2.4 - Cleartext Transmission of Sensitive Information via Repository Import Requests
CVSS 6.5
CVE-2020-12398 HIGH
Thunderbird <68.9.0 - Info Disclosure
CVSS 7.5
CVE-2020-15509 MEDIUM
Nordic Semiconductor Android BLE & DFU Libraries < 2.2.1 & < 1.10.4 - Cleartext Transmission of Sensitive Information
CVSS 6.5
CVE-2020-10281 HIGH
Micro Air Vehicle Link - Cleartext Transmission of Sensitive Information
CVSS 7.5
CVE-2020-2210 MEDIUM
Jenkins Stash Branch Param Plug <0.3.0 - Info Disclosure
CVSS 4.3
CVE-2020-5899 HIGH
NGINX Controller 3.0.0-3.4.0 - Info Disclosure
CVSS 7.8
CVE-2020-12048 HIGH
Phoenix Hemodialysis Delivery System 3.36 and 3.40 - Cleartext Transmission of Sensitive Treatment Data
CVSS 7.5
CVE-2020-12040 CRITICAL
Sigma Spectrum Infusion System 6.x-8.x - Cleartext Transmission of Sensitive Information
CVSS 9.8
CVE-2020-12037 HIGH
Baxter PrismaFlex and PrisMax < 3.0 - Cleartext Transmission of Sensitive Data to PDMS/EMR
CVSS 7.5
CVE-2020-12036 HIGH
Baxter PrismaFlex and PrisMax < 3.0 - Cleartext Transmission of Sensitive Data to PDMS/EMR
CVSS 7.5
CVE-2020-12008 HIGH
Baxter ExactaMix EM 2400 and EM1200 - Cleartext Transmission of Sensitive Order Information
CVSS 7.5
CVE-2020-10628 HIGH
Honeywell ControlEdge PLC and RTU - Cleartext Transmission of Sensitive Information
CVSS 7.5
CVE-2020-10624 HIGH
Honeywell ControlEdge PLC and RTU - Cleartext Transmission of Sensitive Session Token
CVSS 7.5
CVE-2020-5594 CRITICAL
Mitsubishi Electric - Info Disclosure
CVSS 9.8
CVE-2020-14930 HIGH
BT CTROMS Terminal OS Port Portal CT-464 - Info Disclosure
CVSS 8.1
Details
Vulnerabilities 884
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits