Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-06 | CVE-2023-1802 | Cleartext Transmission of Sensitive Information vulnerability in Docker Desktop 4.17.0/4.17.1 In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed. A targeted network sniffing attack can lead to a disclosure of sensitive information. | 7.5 |
| 2023-04-03 | CVE-2023-0922 | Cleartext Transmission of Sensitive Information vulnerability in Samba The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. | 5.9 |
| 2023-03-29 | CVE-2023-1656 | Cleartext Transmission of Sensitive Information vulnerability in Forgerock Ldap Connector Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. | 7.5 |
| 2023-03-27 | CVE-2023-27927 | Cleartext Transmission of Sensitive Information vulnerability in Sauter-Controls Ey-As525F001 Firmware An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. | 6.5 |
| 2023-03-02 | CVE-2023-0053 | Cleartext Transmission of Sensitive Information vulnerability in Sauter-Controls products SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. | 7.5 |
| 2023-02-23 | CVE-2023-23914 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. | 9.1 |
| 2023-02-23 | CVE-2023-23915 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. | 6.5 |
| 2023-02-15 | CVE-2022-45546 | Cleartext Transmission of Sensitive Information vulnerability in Screencheck Badgemaker 2.6.2.0 Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application allows internal attacker to obtain credentials for authentication via network sniffing. | 7.5 |
| 2023-02-08 | CVE-2023-0001 | Cleartext Transmission of Sensitive Information vulnerability in Paloaltonetworks Cortex XDR Agent 7.5 An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent. | 6.7 |
| 2023-02-07 | CVE-2022-40693 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. | 7.5 |