Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-2003 | Cleartext Transmission of Sensitive Information vulnerability in Automationdirect products AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. | 9.1 |
| 2022-08-31 | CVE-2022-2005 | Cleartext Transmission of Sensitive Information vulnerability in Automationdirect products AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. | 7.5 |
| 2022-08-31 | CVE-2022-2485 | Cleartext Transmission of Sensitive Information vulnerability in Automationdirect products Any attempt (good or bad) to log into AutomationDirect Stride Field I/O with a web browser may result in the device responding with its password in the communication packets. | 7.5 |
| 2022-08-29 | CVE-2022-36200 | Cleartext Transmission of Sensitive Information vulnerability in Fiberhome Hg150-Ub Firmware 3.0 In FiberHome VDSL2 Modem HG150-Ub_V3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed. | 7.5 |
| 2022-08-22 | CVE-2021-3590 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A flaw was found in Foreman project. | 8.8 |
| 2022-08-17 | CVE-2022-2338 | Cleartext Transmission of Sensitive Information vulnerability in Softing products Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. | 5.3 |
| 2022-08-11 | CVE-2022-20243 | Cleartext Transmission of Sensitive Information vulnerability in Google Android 13.0.0 In Core Utilities, there is a possible log information disclosure. | 4.4 |
| 2022-08-10 | CVE-2022-32245 | Cleartext Transmission of Sensitive Information vulnerability in SAP Businessobjects Business Intelligence 420/430 SAP BusinessObjects Business Intelligence Platform (Open Document) - versions 420, 430, allows an unauthenticated attacker to retrieve sensitive information plain text over the network. | 8.2 |
| 2022-08-05 | CVE-2022-33724 | Cleartext Transmission of Sensitive Information vulnerability in Google Android 10.0/11.0/12.0 Exposure of Sensitive Information in Samsung Dialer application?prior to SMR Aug-2022 Release 1 allows local attackers to access ICCID via log. | 3.3 |
| 2022-08-03 | CVE-2022-27619 | Cleartext Transmission of Sensitive Information vulnerability in Synology Note Station Cleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors. | 5.9 |