Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-31 | CVE-2020-25842 | Missing Encryption of Sensitive Data vulnerability in Panorama Nhiservisignadapter 1.0.20.0218 The encryption function of NHIServiSignAdapter fail to verify the file path input by users. | 5.0 |
| 2020-12-23 | CVE-2020-35658 | Missing Encryption of Sensitive Data vulnerability in Titanhq Spamtitan SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted. | 5.0 |
| 2020-12-16 | CVE-2020-14254 | Missing Encryption of Sensitive Data vulnerability in Hcltech Bigfix Platform TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. | 4.3 |
| 2020-12-15 | CVE-2020-27055 | Missing Encryption of Sensitive Data vulnerability in Google Android 11.0 In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and WifiConfigController2.java, there is a possible insecure WiFi configuration due to improper input validation. | 5.0 |
| 2020-12-11 | CVE-2020-28217 | Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol. | 5.0 |
| 2020-12-11 | CVE-2020-28216 | Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol. | 5.0 |
| 2020-12-09 | CVE-2020-26816 | Missing Encryption of Sensitive Data vulnerability in SAP Netweaver Application Server Java SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. | 2.7 |
| 2020-11-19 | CVE-2020-7567 | Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Modicon M221 Firmware A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller and broke the encryption keys. | 2.9 |
| 2020-11-09 | CVE-2020-8150 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files. | 1.9 |
| 2020-11-02 | CVE-2020-8173 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended. | 3.5 |