Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-29 | CVE-2020-12036 | Cleartext Transmission of Sensitive Information vulnerability in Baxter Prismaflex Firmware and Prismax Firmware Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TLS/SSL) when configured to send treatment data to a PDMS (Patient Data Management System) or an EMR (Electronic Medical Record) system. | 7.5 |
| 2020-06-29 | CVE-2020-12008 | Cleartext Transmission of Sensitive Information vulnerability in Baxter Em1200 Firmware and Em2400 Firmware Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. | 7.5 |
| 2020-06-29 | CVE-2019-18248 | Cleartext Transmission of Sensitive Information vulnerability in Biotronik products BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to switching to an encrypted communication channel. | 4.3 |
| 2020-06-26 | CVE-2020-10628 | Cleartext Transmission of Sensitive Information vulnerability in Honeywell Controledge PLC Firmware and Controledge RTU Firmware ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes unencrypted passwords on the network. | 7.5 |
| 2020-06-26 | CVE-2020-10624 | Cleartext Transmission of Sensitive Information vulnerability in Honeywell Controledge PLC Firmware and Controledge RTU Firmware ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes a session token on the network. | 7.5 |
| 2020-06-23 | CVE-2020-5594 | Cleartext Transmission of Sensitive Information vulnerability in Mitsubishielectric products Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulnerability that allows cleartext transmission of sensitive information between CPU modules and GX Works3 and/or GX Works2 via unspecified vectors. | 9.8 |
| 2020-06-17 | CVE-2020-14157 | Cleartext Transmission of Sensitive Information vulnerability in Abus Secvest Wireless Control Fube50001 Firmware The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). | 8.1 |
| 2020-06-15 | CVE-2020-14093 | Cleartext Transmission of Sensitive Information vulnerability in multiple products Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. | 5.9 |
| 2020-06-11 | CVE-2020-11614 | Cleartext Transmission of Sensitive Information vulnerability in Mids' Reborn Hero Designer Project Mids' Reborn Hero Designer 2.6.0.7 Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. | 8.1 |
| 2020-06-09 | CVE-2020-1343 | Cleartext Transmission of Sensitive Information vulnerability in Microsoft Visual Studio Live Share An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'. | 5.9 |