Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-25 | CVE-2022-21798 | Cleartext Transmission of Sensitive Information vulnerability in GE Cimplicity The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system. | 9.8 |
| 2022-02-20 | CVE-2021-45081 | Cleartext Transmission of Sensitive Information vulnerability in Cobbler Project Cobbler An issue was discovered in Cobbler through 3.3.1. | 5.9 |
| 2022-02-18 | CVE-2021-39026 | Cleartext Transmission of Sensitive Information vulnerability in IBM Guardium Data Encryption 5.0.0.2/5.0.0.3 IBM Guardium Data Encryption (GDE) 5.0.0.2 and 5.0.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2022-02-15 | CVE-2022-25180 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Pipeline: Groovy Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline. | 4.3 |
| 2022-02-09 | CVE-2022-0162 | Cleartext Transmission of Sensitive Information vulnerability in Tp-Link Tl-Wr841N Firmware 3.16.9 The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. | 9.8 |
| 2022-02-04 | CVE-2021-29397 | Cleartext Transmission of Sensitive Information vulnerability in Globalnorthstar Northstar Club Management 6.3 Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP. | 7.5 |
| 2022-02-04 | CVE-2021-45735 | Cleartext Transmission of Sensitive Information vulnerability in Totolink X5000R Firmware 9.1.0U.6118B20201102 TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software. | 7.5 |
| 2022-01-21 | CVE-2021-41835 | Cleartext Transmission of Sensitive Information vulnerability in Fresenius-Kabi products Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. | 7.5 |
| 2022-01-12 | CVE-2022-23105 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Active Directory Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations. | 6.5 |
| 2022-01-04 | CVE-2021-40148 | Cleartext Transmission of Sensitive Information vulnerability in Mediatek products In Modem EMM, there is a possible information disclosure due to a missing data encryption. | 7.5 |