Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-30 | CVE-2020-5876 | Cleartext Transmission of Sensitive Information vulnerability in F5 products On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. | 8.1 |
| 2020-04-23 | CVE-2020-5865 | Cleartext Transmission of Sensitive Information vulnerability in multiple products In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle (MiTM) attacks. | 4.8 |
| 2020-04-22 | CVE-2020-7488 | Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric products A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers. | 7.5 |
| 2020-04-22 | CVE-2019-19107 | Cleartext Transmission of Sensitive Information vulnerability in multiple products The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed). | 5.5 |
| 2020-04-22 | CVE-2020-11685 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Goland In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS. | 7.5 |
| 2020-04-22 | CVE-2020-11539 | Cleartext Transmission of Sensitive Information vulnerability in Titan SF Rush Smart Band Firmware 1.12 An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. | 8.1 |
| 2020-04-16 | CVE-2020-7483 | Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric Tristation 1131 **VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the 'password' feature is enabled. | 7.5 |
| 2020-04-15 | CVE-2019-4594 | Cleartext Transmission of Sensitive Information vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2020-04-04 | CVE-2020-11542 | Cleartext Transmission of Sensitive Information vulnerability in 3Xlogic Infinias Eidc32 Firmware and Infinias Eidc32 web 3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring. | 9.8 |
| 2020-03-27 | CVE-2020-5860 | Cleartext Transmission of Sensitive Information vulnerability in F5 products On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, in a High Availability (HA) network failover in Device Service Cluster (DSC), the failover service does not require a strong form of authentication and HA network failover traffic is not encrypted by Transport Layer Security (TLS). | 8.1 |