Vulnerabilities > Missing Encryption of Sensitive Data

DATE CVE VULNERABILITY TITLE RISK
2022-09-29 CVE-2020-15342 Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.
network
low complexity
zyxel CWE-311
5.3
2022-09-29 CVE-2020-15343 Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.
network
low complexity
zyxel CWE-311
5.3
2022-09-29 CVE-2020-15344 Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_user_id_and_key API.
network
low complexity
zyxel CWE-311
5.3
2022-09-29 CVE-2020-15345 Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_instances_for_update API.
network
low complexity
zyxel CWE-311
5.3
2022-09-29 CVE-2020-15346 Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.
network
low complexity
zyxel CWE-311
5.3
2022-09-21 CVE-2022-3250 Missing Encryption of Sensitive Data vulnerability in Ikus-Soft Rdiffweb
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6.
network
low complexity
ikus-soft CWE-311
5.3
2022-09-21 CVE-2022-3251 Missing Encryption of Sensitive Data vulnerability in Ikus-Soft Minarca
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca prior to 4.2.2.
network
low complexity
ikus-soft CWE-311
5.3
2022-09-13 CVE-2022-3174 Missing Encryption of Sensitive Data vulnerability in Ikus-Soft Rdiffweb
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2.
network
low complexity
ikus-soft CWE-311
7.5
2022-08-16 CVE-2022-38194 Missing Encryption of Sensitive Data vulnerability in Esri Portal for Arcgis 10.8.1
In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted.
local
low complexity
esri CWE-311
5.5
2022-08-01 CVE-2022-34307 Missing Encryption of Sensitive Data vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies.
network
low complexity
ibm CWE-311
4.3