Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-46383 | Cleartext Transmission of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10 LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration. | 7.5 |
| 2023-11-30 | CVE-2023-46385 | Cleartext Transmission of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10 LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. | 7.5 |
| 2023-11-14 | CVE-2023-43503 | Cleartext Transmission of Sensitive Information vulnerability in Siemens Comos A vulnerability has been identified in COMOS (All versions < V10.4.4). | 7.5 |
| 2023-11-04 | CVE-2023-46380 | Cleartext Transmission of Sensitive Information vulnerability in Loytec products LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP. | 7.5 |
| 2023-11-04 | CVE-2023-46382 | Cleartext Transmission of Sensitive Information vulnerability in Loytec products LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login. | 7.5 |
| 2023-11-03 | CVE-2017-7252 | Cleartext Transmission of Sensitive Information vulnerability in Botan Project Botan bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password. | 7.5 |
| 2023-11-02 | CVE-2023-5035 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Eds-G503 Firmware A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the cookie to be transmitted in plaintext over an HTTP session. | 5.3 |
| 2023-10-25 | CVE-2023-45321 | Cleartext Transmission of Sensitive Information vulnerability in Boschrexroth products The Android Client application, when enrolled with the define method 1 (the user manually inserts the server ip address), use HTTP protocol to retrieve sensitive information (ip address and credentials to connect to a remote MQTT broker entity) instead of HTTPS and this feature is not configurable by the user. | 8.8 |
| 2023-10-23 | CVE-2023-33837 | Cleartext Transmission of Sensitive Information vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. | 7.5 |
| 2023-10-22 | CVE-2023-38276 | Cleartext Transmission of Sensitive Information vulnerability in IBM Cognos Dashboards on Cloud PAK for Data 4.7.0 IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment variables which could aid in further attacks against the system. | 7.5 |