CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

882 vulnerabilities with CWE-319
CVE-2024-10718 HIGH
phpipam < 1.7.0 - Cleartext Transmission of Sensitive Information via Cookie Secure Attribute
CVSS 7.5
CVE-2024-44276 HIGH
iPadOS < 18.2 - Cleartext Transmission of Sensitive Information
CVSS 7.3
CVE-2024-13872 HIGH
Bitdefender Box 1.3.11.490-1.3.11.505 - Unauthenticated Remote Code Execution via MITM Update Mechanism
CVSS 7.5
CVE-2024-5462 HIGH
Brocade Fabric OS <9.2.0 - Info Disclosure
CVSS 7.5
CVE-2024-36558 HIGH
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0 - Info Discl...
CVSS 7.5
CVE-2024-43187 MEDIUM
IBM Security Verify Access Appliance and Container <10.0.9 - Info D...
CVSS 5.9
CVE-2024-28786 MEDIUM
IBM QRadar SIEM 7.5 - Cleartext Transmission of Sensitive Information
CVSS 6.5
CVE-2024-41757 MEDIUM
IBM Concert 1.0.0 and 1.0.1 - Cleartext Transmission of Sensitive Information
CVSS 5.9
CVE-2024-26155 MEDIUM
ETIC Telecom Remote Access Server Firmware < 4.5.0 - Cleartext Transmission of Sensitive Information in Web Portal
CVSS 6.8
CVE-2024-48121 MEDIUM
HI-SCAN 6040i Hitrax HX-03-19-I - Info Disclosure
CVSS 6.5
CVE-2024-45102 MEDIUM
Lenovo XClarity Administrator < 4.1 - Authenticated Privilege Escalation via SSO Provider
CVSS 6.8
CVE-2024-42181 LOW
HCL MyXalytics - Cleartext Transmission of Sensitive Information
CVSS 1.6
CVE-2024-46505 CRITICAL
Infoblox BloxOne v2.4 - Info Disclosure
CVSS 9.1
CVE-2024-11946 MEDIUM
iXsystems TrueNAS CORE - Info Disclosure
CVSS 6.5
CVE-2024-10973 MEDIUM
Keycloak Quarkus Server 25.0.0-25.99.9 - Cleartext Transmission of Sensitive Information via JGroups Replication
CVSS 5.7
CVE-2024-49820 LOW
IBM Security Guardium Key Lifecycle Manager <4.2.1 - Info Disclosure
CVSS 3.7
CVE-2024-49819 MEDIUM
IBM Security Guardium Key Lifecycle Manager <4.2.1 - Info Disclosure
CVSS 4.1
CVE-2024-53246 MEDIUM
Splunk Enterprise <9.3.2, <9.2.4, <9.1.7 & Splunk Cloud <9.3.2408.101 - Sensitive Info Disclosure via SPL
CVSS 5.3
CVE-2024-47577 LOW
SAP Commerce Cloud - Info Disclosure
CVSS 2.7
CVE-2024-6515 CRITICAL
ABB ASPECT/MATRIX/NEXUS Firmware < 3.08.03 - Cleartext Transmission of Sensitive Information
CVSS 9.6
CVE-2024-9834 CRITICAL
Ventilator <unknown - Info Disclosure
CVSS 9.3
CVE-2024-28169 MEDIUM
BigDL < 2.5.0 - Cleartext Transmission of Sensitive Information
CVSS 5.4
CVE-2024-43432 MEDIUM
moodle < 4.1.12 and 4.4.0-4.4.2 - Cleartext Transmission of Sensitive Information via cURL Wrapper Redirect
CVSS 5.3
CVE-2024-50634 HIGH
Watcharr < 1.43.0 - Privilege Escalation via Weak JWT Token
CVSS 8.8
CVE-2024-32946 MEDIUM
LevelOne WBR-6012 Firmware R0.40e6 - Cleartext Transmission of Sensitive Information via Web and FTP Services
CVSS 5.9
Details
Vulnerabilities 882
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits