Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2018-05-02 CVE-2018-0281 Cleartext Transmission of Sensitive Information vulnerability in Cisco Secure Firewall Management Center
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition.
network
low complexity
cisco CWE-319
5.8
2018-04-25 CVE-2017-12716 Cleartext Transmission of Sensitive Information vulnerability in Abbott products
Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patient information via RF communications to programmers and home monitoring units.
low complexity
abbott CWE-319
6.5
2018-04-18 CVE-2018-7246 Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse
A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS.
network
low complexity
schneider-electric CWE-319
critical
9.8
2018-04-11 CVE-2017-8154 Cleartext Transmission of Sensitive Information vulnerability in Huawei Honor 8 Lite Firmware
The Themes App Honor 8 Lite Huawei mobile phones with software of versions before Prague-L31C576B172, versions before Prague-L31C530B160, versions before Prague-L31C432B180 has a man-in-the-middle (MITM) vulnerability due to the use of the insecure HTTP protocol for theme download.
network
high complexity
huawei CWE-319
5.3
2018-03-27 CVE-2017-12310 Cleartext Transmission of Sensitive Information vulnerability in Cisco Spark Hybrid Calendar Service
A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request.
network
low complexity
cisco CWE-319
7.5
2018-03-21 CVE-2017-0925 Cleartext Transmission of Sensitive Information vulnerability in multiple products
Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password.
network
low complexity
gitlab debian CWE-319
7.2
2018-03-13 CVE-2018-6295 Cleartext Transmission of Sensitive Information vulnerability in Hanwha-Security Snh-V6410Pn Firmware and Snh-V6410Pnw Firmware
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams
network
low complexity
hanwha-security CWE-319
critical
9.8
2018-03-06 CVE-2018-5471 Cleartext Transmission of Sensitive Information vulnerability in Belden products
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches.
network
high complexity
belden CWE-319
5.9
2018-03-06 CVE-2018-6019 Cleartext Transmission of Sensitive Information vulnerability in Samsung Display Solutions 3.01
Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof B2B content by leveraging failure to use encryption during information transmission.
network
high complexity
samsung CWE-319
5.9
2018-02-22 CVE-2018-7298 Cleartext Transmission of Sensitive Information vulnerability in Eq-3 Homematic Central Control Unit Ccu2 Firmware 2.29.22
In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software update packages are downloaded via the HTTP protocol, which does not provide any cryptographic protection of the downloaded contents.
network
high complexity
eq-3 CWE-319
8.1