CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

884 vulnerabilities with CWE-319
CVE-2017-6665 MEDIUM
Cisco IOS - Unauthenticated Information Disclosure via Autonomic Networking ACP
CVSS 6.5
CVE-2017-1181 HIGH
IBM Tivoli Monitoring Portal V6 - Privilege Escalation
CVSS 7.0
CVE-2017-1000024 HIGH
Shotwell <0.24.4, <0.25.3 - Info Disclosure
CVSS 7.5
CVE-2017-5652 HIGH
Apache Impala 2.7.0-2.8.0 - Cleartext Transmission of Sensitive Information via StatestoreSubscriber Thrift Transport
CVSS 7.5
CVE-2017-9035 HIGH
Trend Micro ServerProtect for Linux <3.0 - Info Disclosure
CVSS 7.4
CVE-2017-8851 MEDIUM
OxygenOS - Cleartext Transmission of Sensitive Information via OTA Update Process
CVSS 5.9
CVE-2017-8850 MEDIUM
OxygenOS - Cleartext Transmission of Sensitive Information via OTA Update Process
CVSS 5.9
CVE-2017-3305 MEDIUM
MySQL Server 5.5.0-5.5.55 and 5.6.0-5.6.35 - Cleartext Transmission of Sensitive Information
CVSS 5.3
CVE-2017-2412 MEDIUM
iPhone OS < 10.3 - Cleartext Transmission of Sensitive Information in iTunes Store
CVSS 5.9
CVE-2017-3815 MEDIUM
Cisco TelePresence Server <4.3 - Privilege Escalation
CVSS 5.3
CVE-2017-6370 MEDIUM
TYPO3 7.6.15 - Cleartext Transmission of Sensitive Information via Login Provider Request
CVSS 5.3
CVE-2017-6432 HIGH
Dahua NVR Firmware 3.210.0001.10 - Cleartext Transmission of Sensitive Information via DVR Protocol
CVSS 8.1
CVE-2017-6410 MEDIUM
kdelibs < 4.14.30 and kio < 5.32 - Cleartext Transmission of Sensitive Information via PAC FindProxyForURL
CVSS 5.5
CVE-2017-6341 MEDIUM
Dahuasecurity Camera Firmware - Cleartext Transmission
CVSS 5.9
CVE-2016-5649 CRITICAL
Netgear DGN2200-V1.0.0.50_7.0.50 & DGND3700-V1.0.0.17_1.0.17 - Info...
CVSS 9.8
CVE-2016-5638 HIGH
Netgear WNDR4500 V1.0.1.40_1.0.6877 - Info Disclosure
CVSS 7.5
CVE-2015-7542 MEDIUM
libgwenhywfar <4.12.0 - Info Disclosure
CVSS 5.3
CVE-2015-0987 CRITICAL
Omron CX-One CX-Programmer <9.6 - Info Disclosure
CVSS 10.0
CVE-2014-5380 HIGH
Grand MA 300 Firmware - Cleartext Transmission of Sensitive PIN Data
CVSS 7.5
CVE-2012-5562 HIGH
Red Hat Satellite < 5.6 - Cleartext Transmission of Sensitive Information via rhn-proxy
CVSS 8.6
CVE-2012-1257 MEDIUM
Pidgin 2.10.0 - Cleartext Transmission of Sensitive Information via DBUS
CVSS 5.5
CVE-2011-3022
Google Chrome < 17.0.963.56 - Cleartext Transmission of Sensitive Information via Translation Manager
CVE-2010-4177 MEDIUM
mysql-gui-tools < 5.0r14+openSUSE-2.3 - Cleartext Password Exposure via Process List
CVSS 5.5
CVE-2008-4122 HIGH
Joomla! 1.5.8 - Cleartext Transmission of Sensitive Information via Session Cookie
CVSS 7.5
CVE-2008-4390 HIGH
Cisco Linksys WVC54GC Firmware < 1.25 - Cleartext Transmission of Sensitive Information via Setup Wizard
CVSS 7.5
Details
Vulnerabilities 884
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits