Vulnerabilities > Missing Encryption of Sensitive Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-16 | CVE-2021-22932 | Missing Encryption of Sensitive Data vulnerability in Citrix Sharefile Storagezones Controller An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. | 7.5 |
2021-06-16 | CVE-2021-20567 | Missing Encryption of Sensitive Data vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239. | 4.4 |
2021-06-01 | CVE-2019-4471 | Missing Encryption of Sensitive Data vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session. | 6.5 |
2021-05-05 | CVE-2021-29248 | Missing Encryption of Sensitive Data vulnerability in Btcpayserver Btcpay Server BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the Secure flag for a cookie. | 5.3 |
2021-02-16 | CVE-2020-29024 | Missing Encryption of Sensitive Data vulnerability in Secomea products Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could allow an attacker to gain access to sensitive cookies. | 5.3 |
2021-01-14 | CVE-2020-26732 | Missing Encryption of Sensitive Data vulnerability in Skyworth Gn542Vf BOA Firmware 0.94.13 SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 7.5 |
2020-12-31 | CVE-2020-25842 | Missing Encryption of Sensitive Data vulnerability in Panorama Nhiservisignadapter 1.0.20.0218 The encryption function of NHIServiSignAdapter fail to verify the file path input by users. | 7.5 |
2020-12-15 | CVE-2020-27055 | Missing Encryption of Sensitive Data vulnerability in Google Android 11.0 In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and WifiConfigController2.java, there is a possible insecure WiFi configuration due to improper input validation. | 7.5 |
2020-12-01 | CVE-2020-4126 | Missing Encryption of Sensitive Data vulnerability in Hcltech HCL Inotes HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. | 5.9 |
2020-11-09 | CVE-2020-8150 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files. | 4.1 |