Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-21 | CVE-2020-4969 | Cleartext Transmission of Sensitive Information vulnerability in IBM Security Identity Governance and Intelligence 5.2.6 IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2021-01-13 | CVE-2020-4597 | Cleartext Transmission of Sensitive Information vulnerability in IBM Security Guardium Insights 2.0.2 IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2021-01-07 | CVE-2020-4893 | Cleartext Transmission of Sensitive Information vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 transmits sensitive information in HTTP GET request parameters. | 5.9 |
| 2021-01-05 | CVE-2020-4899 | Cleartext Transmission of Sensitive Information vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive information or allow for data corruption due to plain text transmission of sensitive information across the network. | 9.1 |
| 2020-12-31 | CVE-2018-19944 | Cleartext Transmission of Sensitive Information vulnerability in Qnap QTS A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. | 7.5 |
| 2020-12-23 | CVE-2020-11718 | Cleartext Transmission of Sensitive Information vulnerability in Bilanc 01431.01.2020 An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. | 7.4 |
| 2020-12-23 | CVE-2020-35584 | Cleartext Transmission of Sensitive Information vulnerability in Mersive Solstice POD Firmware In Solstice Pod before 3.0.3, the web services allow users to connect to them over unencrypted channels via the Browser Look-in feature. | 5.9 |
| 2020-12-23 | CVE-2020-25190 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and transmits the credentials of third-party services in cleartext. | 9.8 |
| 2020-12-18 | CVE-2020-13528 | Cleartext Transmission of Sensitive Information vulnerability in Lantronix Xport Edge Firmware An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. | 5.3 |
| 2020-12-16 | CVE-2020-14248 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Bigfix Platform BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | 5.3 |