Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2023-12-21 CVE-2023-51390 Cleartext Transmission of Sensitive Information vulnerability in Aiven Journalpump
journalpump is a daemon that takes log messages from journald and pumps them to a given output.
network
low complexity
aiven CWE-319
7.5
2023-12-20 CVE-2023-50703 Cleartext Transmission of Sensitive Information vulnerability in Efacec UC 500E Firmware 10.1.0
An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application.
network
high complexity
efacec CWE-319
5.9
2023-12-07 CVE-2023-39172 Cleartext Transmission of Sensitive Information vulnerability in Enbw Senec Storage BOX Firmware
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic.
network
low complexity
enbw CWE-319
critical
9.1
2023-12-06 CVE-2023-24547 Cleartext Transmission of Sensitive Information vulnerability in Arista MOS 0.13.0/0.25/0.39.4
On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config.
network
low complexity
arista CWE-319
6.5
2023-12-05 CVE-2023-42579 Cleartext Transmission of Sensitive Information vulnerability in Samsung Keyboard
Improper usage of insecure protocol (i.e.
high complexity
samsung CWE-319
5.3
2023-11-30 CVE-2023-46383 Cleartext Transmission of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10
LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration.
network
low complexity
loytec CWE-319
7.5
2023-11-30 CVE-2023-46385 Cleartext Transmission of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions.
network
low complexity
loytec CWE-319
7.5
2023-11-14 CVE-2023-43503 Cleartext Transmission of Sensitive Information vulnerability in Siemens Comos
A vulnerability has been identified in COMOS (All versions < V10.4.4).
network
low complexity
siemens CWE-319
7.5
2023-11-04 CVE-2023-46380 Cleartext Transmission of Sensitive Information vulnerability in Loytec products
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP.
network
low complexity
loytec CWE-319
7.5
2023-11-04 CVE-2023-46382 Cleartext Transmission of Sensitive Information vulnerability in Loytec products
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login.
network
low complexity
loytec CWE-319
7.5