Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2019-09-25 CVE-2019-10428 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Aqua Security Scanner
Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
2019-09-25 CVE-2019-10427 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Aqua Microscanner
Jenkins Aqua MicroScanner Plugin 1.0.7 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
5.3
2019-09-25 CVE-2019-10412 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Inedo Proget
Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
2019-09-25 CVE-2019-10411 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Inedo Buildmaster
Jenkins Inedo BuildMaster Plugin 2.4.0 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
2019-09-12 CVE-2019-10397 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Aqua Security Severless Scanner
Jenkins Aqua Security Serverless Scanner Plugin 1.0.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure.
network
high complexity
jenkins CWE-319
3.1
2019-09-10 CVE-2019-5503 Cleartext Transmission of Sensitive Information vulnerability in Netapp Oncommand Workflow Automation 5.0
OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
network
low complexity
netapp CWE-319
5.3
2019-09-04 CVE-2019-14319 Cleartext Transmission of Sensitive Information vulnerability in Tiktok
The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes.
low complexity
tiktok CWE-319
6.5
2019-08-28 CVE-2019-10391 Cleartext Transmission of Sensitive Information vulnerability in Jenkins IBM Application Security on Cloud
Jenkins IBM Application Security on Cloud Plugin 1.2.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
6.5
2019-08-22 CVE-2019-5635 Cleartext Transmission of Sensitive Information vulnerability in Belwith-Keeler Hickory Smart Ethernet Bridge Firmware
A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC.
network
low complexity
belwith-keeler CWE-319
7.5
2019-08-19 CVE-2019-11276 Cleartext Transmission of Sensitive Information vulnerability in Pivotal Software Application Service
Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http.
low complexity
pivotal-software CWE-319
5.4