CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

882 vulnerabilities with CWE-319
CVE-2024-8013 LOW
Mongo <5.0.29, <6.0.17, <7.0.12, <7.3.4 - Info Disclosure
CVSS 2.2
CVE-2024-50624 MEDIUM
KDE Kmail < 6.2.0 - Cleartext Transmission of Sensitive Information via Autoconfig URL
CVSS 5.9
CVE-2024-40595 MEDIUM
One Identity Safeguard for Privileged Sessions <7.5.1 - Auth Bypass
CVSS 5.3
CVE-2024-40090 MEDIUM
Vilo 5 Mesh WiFi System <= 5.16.1.33 - Info Disclosure
CVSS 4.3
CVE-2024-49387 HIGH
Acronis Cyber Protect < 16 build 38690 - Cleartext Transmission of Sensitive Information in acep-collector Service
CVSS 7.5
CVE-2024-48788 HIGH
YESCAM 1.0.2 - Cleartext Transmission of Sensitive Information via Firmware Update Process
CVSS 7.5
CVE-2024-47833 MEDIUM
Taipy < 4.0.0 - Cleartext Transmission of Sensitive Information via Session Cookies
CVSS 6.5
CVE-2024-9620 MEDIUM
Ansible Automation Platform - Info Disclosure
CVSS 5.3
CVE-2024-47789 HIGH
D3D Security IP Camera D8801 - Info Disclosure
CVE-2024-35495 MEDIUM
TP-Link Kasa KP125M/Tapo P125M <1.0.0 - Info Disclosure
CVSS 4.3
CVE-2024-7713 HIGH
AI ChatBot with ChatGPT and Content Generator by AYS < 2.1.0 - Unauthenticated OpenAI API Key Exposure
CVSS 7.5
CVE-2024-47124 MEDIUM
goTenna Pro < 1.6.1 and < 2.0.3 - Cleartext Transmission of Sensitive Information
CVSS 4.3
CVE-2024-45838 MEDIUM
goTenna Pro ATAK Plugin < 2.0.7 - Cleartext Transmission of Sensitive Information
CVSS 4.3
CVE-2024-8059 MEDIUM
Lenovo ThinkAgile and ThinkSystem XCC - Cleartext Transmission of Sensitive Information in Audit Logs
CVSS 4.3
CVE-2024-45101 MEDIUM
Lenovo XClarity Administrator < 4.1 - Session Hijacking via SSO URL Manipulation
CVSS 6.8
CVE-2024-43180 MEDIUM
IBM Concert 1.0 - Cleartext Transmission of Sensitive Information
CVSS 4.3
CVE-2024-44105 HIGH
Ivanti Workspace Control < 10.18.99.0 - Authenticated Cleartext Transmission of Sensitive Information
CVSS 8.2
CVE-2024-41927 MEDIUM
IDEC KIT-FC6A PLC Firmware < 2.60 - Cleartext Transmission of Sensitive Information via Serial Communication Port
CVSS 4.6
CVE-2024-39746 MEDIUM
IBM Sterling Connect:Direct Web Services 6.0-6.3 - Cleartext Transmission of Sensitive Information
CVSS 5.9
CVE-2024-31905 MEDIUM
IBM QRadar Network Packet Capture <7.5 - Info Disclosure
CVSS 5.9
CVE-2024-31799 MEDIUM
GNCC's GC2 Indoor Security Camera 1080P - Info Disclosure
CVSS 4.6
CVE-2024-38167 MEDIUM
.NET 8.0.0-8.0.7 and Visual Studio 2022 17.6.0-17.6.17 - Cleartext Transmission of Sensitive Information
CVSS 6.5
CVE-2024-7408 MEDIUM
Airveda PM2.5 PM10 Monitor Firmware < 7.4.4.39 - Cleartext Transmission of Sensitive Information during AP Pairing
CVSS 6.5
CVE-2024-38891 HIGH
Caterease 16.0.1.1663-24.0.1.2405 - Cleartext Transmission of Sensitive Information
CVSS 7.5
CVE-2024-32864 MEDIUM
exacqVision Web Service < 24.03 - Cleartext Transmission of Sensitive Information
CVSS 6.4
Details
Vulnerabilities 882
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits