Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-03 | CVE-2017-7252 | Cleartext Transmission of Sensitive Information vulnerability in Botan Project Botan bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password. | 7.5 |
| 2023-11-02 | CVE-2023-5035 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Eds-G503 Firmware A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. | 5.3 |
| 2023-10-25 | CVE-2023-45321 | Cleartext Transmission of Sensitive Information vulnerability in Boschrexroth products The Android Client application, when enrolled with the define method 1 (the user manually inserts the server ip address), use HTTP protocol to retrieve sensitive information (ip address and credentials to connect to a remote MQTT broker entity) instead of HTTPS and this feature is not configurable by the user. | 8.8 |
| 2023-10-22 | CVE-2023-38276 | Cleartext Transmission of Sensitive Information vulnerability in IBM Cognos Dashboards on Cloud PAK for Data 4.7.0 IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment variables which could aid in further attacks against the system. | 7.5 |
| 2023-10-22 | CVE-2023-38275 | Cleartext Transmission of Sensitive Information vulnerability in IBM Cognos Dashboards on Cloud PAK for Data 4.7.0 IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container images which could lead to further attacks against the system. | 7.5 |
| 2023-10-19 | CVE-2023-41088 | Cleartext Transmission of Sensitive Information vulnerability in Dexma Dexgate 20130114 The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker with access to the network, where clients have access to the DexGate server, could capture traffic. | 6.5 |
| 2023-10-19 | CVE-2023-34441 | Cleartext Transmission of Sensitive Information vulnerability in Bakerhughes Bentley Nevada 3500 System Firmware 5.0.5 Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a cleartext transmission vulnerability which could allow an attacker to steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests. | 8.2 |
| 2023-10-17 | CVE-2022-22385 | Cleartext Transmission of Sensitive Information vulnerability in IBM Security Verify Privilege On-Premises IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an attacked due to the transmission of data in clear text. | 7.5 |
| 2023-10-09 | CVE-2023-5461 | Cleartext Transmission of Sensitive Information vulnerability in Deltaww Wplsoft 2.51 A vulnerability was found in Delta Electronics WPLSoft 2.51. | 5.9 |
| 2023-10-09 | CVE-2023-5100 | Cleartext Transmission of Sensitive Information vulnerability in Sick Apu0200 Firmware Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not encrypted. | 6.5 |