Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-09 | CVE-2021-36189 | Missing Encryption of Sensitive Data vulnerability in Fortinet Forticlient Enterprise Management Server A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below allows attacker to information disclosure via inspecting browser decrypted data | 4.9 |
| 2021-12-08 | CVE-2021-37050 | Missing Encryption of Sensitive Data vulnerability in Huawei Emui, Harmonyos and Magic UI There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |
| 2021-11-15 | CVE-2021-38977 | Missing Encryption of Sensitive Data vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2021-10-27 | CVE-2021-35236 | Missing Encryption of Sensitive Data vulnerability in Solarwinds Kiwi Syslog Server The Secure flag is not set in the SSL Cookie of Kiwi Syslog Server 9.7.2 and previous versions. | 5.3 |
| 2021-10-21 | CVE-2021-29883 | Missing Encryption of Sensitive Data vulnerability in IBM Transformation Extender Advanced IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2021-10-14 | CVE-2021-3882 | Missing Encryption of Sensitive Data vulnerability in Ledgersmb LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. | 6.8 |
| 2021-08-16 | CVE-2021-22932 | Missing Encryption of Sensitive Data vulnerability in Citrix Sharefile Storagezones Controller An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones controller which causes the ShareFile file encryption option to become disabled if it had previously been enabled. | 7.5 |
| 2021-06-16 | CVE-2021-20567 | Missing Encryption of Sensitive Data vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239. | 4.4 |
| 2021-06-01 | CVE-2019-4471 | Missing Encryption of Sensitive Data vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session. | 6.5 |
| 2021-05-05 | CVE-2021-29248 | Missing Encryption of Sensitive Data vulnerability in Btcpayserver Btcpay Server BTCPay Server through 1.0.7.0 could allow a remote attacker to obtain sensitive information, caused by failure to set the Secure flag for a cookie. | 5.3 |