Search
Total
90 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33037 | 1 Qualcomm | 166 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 163 more | 2024-01-09 | N/A | 5.5 MEDIUM |
| Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. | |||||
| CVE-2023-46219 | 2 Fedoraproject, Haxx | 2 Fedora, Curl | 2023-12-24 | N/A | 5.3 MEDIUM |
| When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. | |||||
| CVE-2023-37858 | 1 Phoenixcontact | 12 Wp 6070-wvps, Wp 6070-wvps Firmware, Wp 6101-wxps and 9 more | 2023-12-14 | N/A | 4.9 MEDIUM |
| In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password. | |||||
| CVE-2023-42019 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2023-12-04 | N/A | 5.9 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. | |||||
| CVE-2023-33228 | 1 Solarwinds | 1 Network Configuration Manager | 2023-11-09 | N/A | 4.9 MEDIUM |
| The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information. | |||||
| CVE-2023-4384 | 1 Maximatech | 1 Portal Executivo | 2023-08-23 | N/A | 5.9 MEDIUM |
| A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to missing encryption of sensitive data. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237316. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-40251 | 1 Genians | 2 Genian Nac, Genian Ztna | 2023-08-23 | N/A | 5.9 MEDIUM |
| Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | |||||
| CVE-2023-39841 | 1 Etekcity | 2 3-in-1 Smart Door Lock, 3-in-1 Smart Door Lock Firmware | 2023-08-22 | N/A | 4.6 MEDIUM |
| Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device. | |||||
| CVE-2023-38699 | 1 Mindsdb | 1 Mindsdb | 2023-08-10 | N/A | 6.5 MEDIUM |
| MindsDB's AI Virtual Database allows developers to connect any AI/ML model to any datasource. Prior to version 23.7.4.0, a call to requests with `verify=False` disables SSL certificate checks. This rule enforces always verifying SSL certificates for methods in the Requests library. In version 23.7.4.0, certificates are validated by default, which is the desired behavior. | |||||
| CVE-2022-34307 | 1 Ibm | 1 Cics Tx | 2023-08-08 | N/A | 4.3 MEDIUM |
| IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 229436. | |||||
| CVE-2022-26157 | 1 Cherwell | 1 Cherwell Service Management | 2023-08-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. The ASP.NET_Sessionid cookie is not protected by the Secure flag. This makes it prone to interception by an attacker if traffic is sent over unencrypted channels. | |||||
| CVE-2021-40642 | 1 Textpattern | 1 Textpattern | 2023-08-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| Textpattern CMS v4.8.7 and older vulnerability exists through Sensitive Cookie in HTTPS Session Without 'Secure' Attribute via textpattern/lib/txplib_misc.php. The secure flag is not set for txp_login session cookie in the application. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. | |||||
| CVE-2021-21963 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2022-07-29 | 4.3 MEDIUM | 5.9 MEDIUM |
| An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | |||||
| CVE-2015-3207 | 1 Openshift | 1 Origin | 2022-07-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes. | |||||
| CVE-2021-29883 | 1 Ibm | 1 Transformation Extender Advanced | 2022-07-12 | 4.3 MEDIUM | 4.3 MEDIUM |
| IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 207090. | |||||
| CVE-2021-38977 | 3 Ibm, Linux, Microsoft | 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more | 2022-07-12 | 4.3 MEDIUM | 4.3 MEDIUM |
| IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 212782. | |||||
| CVE-2021-40650 | 1 Softwareag | 1 Connx | 2022-06-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set. | |||||
| CVE-2021-27783 | 1 Hcltech | 2 Bigfix Mobile, Bigfix Modern Client Management | 2022-06-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. | |||||
| CVE-2022-24045 | 1 Siemens | 8 Desigo Dxr2, Desigo Dxr2 Firmware, Desigo Pxc3 and 5 more | 2022-06-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The application, after a successful login, sets the session cookie on the browser via client-side JavaScript code, without applying any security attributes (such as “Secure”, “HttpOnly”, or “SameSite”). Any attempts to browse the application via unencrypted HTTP protocol would lead to the transmission of all his/her session cookies in plaintext through the network. An attacker could then be able to sniff the network and capture sensitive information. | |||||
| CVE-2020-8150 | 1 Nextcloud | 1 Nextcloud Server | 2022-05-24 | 1.9 LOW | 4.1 MEDIUM |
| A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files. | |||||
| CVE-2021-27764 | 1 Hcltech | 1 Bigfix Webui | 2022-05-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cookie without HTTPONLY flag set. NUMBER cookie(s) was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. (WebUI) | |||||
| CVE-2020-7567 | 1 Schneider-electric | 2 Modicon M221, Modicon M221 Firmware | 2022-02-04 | 2.9 LOW | 5.7 MEDIUM |
| A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller and broke the encryption keys. | |||||
| CVE-2022-0183 | 1 Kingjim | 4 Mirupass Pw10, Mirupass Pw10 Firmware, Mirupass Pw20 and 1 more | 2022-01-26 | 2.1 LOW | 4.6 MEDIUM |
| Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords. | |||||
| CVE-2019-16206 | 1 Broadcom | 1 Brocade Sannav | 2022-01-01 | 2.1 LOW | 5.5 MEDIUM |
| The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information. | |||||
| CVE-2020-15767 | 1 Gradle | 1 Enterprise | 2021-12-21 | 2.6 LOW | 5.3 MEDIUM |
| An issue was discovered in Gradle Enterprise before 2020.2.5. The cookie used to convey the CSRF prevention token is not annotated with the “secure” attribute, which allows an attacker with the ability to MITM plain HTTP requests to obtain it, if the user mistakenly uses a HTTP instead of HTTPS address to access the server. This cookie value could then be used to perform CSRF. | |||||
| CVE-2021-36189 | 1 Fortinet | 1 Forticlient Enterprise Management Server | 2021-12-10 | 4.0 MEDIUM | 4.9 MEDIUM |
| A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below allows attacker to information disclosure via inspecting browser decrypted data | |||||
| CVE-2019-4471 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2021-12-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session. A remote attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 163780. | |||||
| CVE-2021-35236 | 1 Solarwinds | 1 Kiwi Syslog Server | 2021-10-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Secure flag is not set in the SSL Cookie of Kiwi Syslog Server 9.7.2 and previous versions. The Secure attribute tells the browser to only send the cookie if the request is being sent over a secure channel such as HTTPS. This will help protect the cookie from being passed over unencrypted requests. If the application can be accessed over both HTTP, there is a potential for the cookie can be sent in clear text. | |||||
| CVE-2021-3882 | 1 Ledgersmb | 1 Ledgersmb | 2021-10-20 | 4.0 MEDIUM | 6.8 MEDIUM |
| LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user to use an unencrypted connection (HTTP), an attacker may be able to obtain the authentication data by capturing network traffic. LedgerSMB 1.8 and newer switched from Basic authentication to using cookie authentication with encrypted cookies. Although an attacker can't access the information inside the cookie, nor the password of the user, possession of the cookie is enough to access the application as the user from which the cookie has been obtained. In order for the attacker to obtain the cookie, first of all the server must be configured to respond to unencrypted requests, the attacker must be suitably positioned to eavesdrop on the network traffic between the client and the server *and* the user must be tricked into using unencrypted HTTP traffic. Proper audit control and separation of duties limit Integrity impact of the attack vector. Users of LedgerSMB 1.8 are urged to upgrade to known-fixed versions. Users of LedgerSMB 1.7 or 1.9 are unaffected by this vulnerability and don't need to take action. As a workaround, users may configure their Apache or Nginx reverse proxy to add the Secure attribute at the network boundary instead of relying on LedgerSMB. For Apache, please refer to the 'Header always edit' configuration command in the mod_headers module. For Nginx, please refer to the 'proxy_cookie_flags' configuration command. | |||||
| CVE-2018-1882 | 5 Apple, Ibm, Linux and 2 more | 7 Macos, Aix, Spectrum Protect Backup-archive Client and 4 more | 2021-09-08 | 1.9 LOW | 4.7 MEDIUM |
| In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file. IBM X-Force ID: 151968. | |||||
| CVE-2017-5042 | 4 Apple, Google, Linux and 1 more | 5 Macos, Android, Chrome and 2 more | 2021-09-08 | 3.3 LOW | 5.7 MEDIUM |
| Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent. | |||||
| CVE-2021-32001 | 1 Suse | 2 Rancher K3s, Rancher Rke2 | 2021-08-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| A Missing Encryption of Sensitive Data vulnerability in k3s, kde2 of SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc) and decrypt it, without having to know the token value. This issue affects: SUSE Rancher K3s version v1.19.12+k3s1, v1.20.8+k3s1, v1.21.2+k3s1 and prior versions; RKE2 version v1.19.12+rke2r1, v1.20.8+rke2r1, v1.21.2+rke2r1 and prior versions. | |||||
| CVE-2021-22782 | 1 Schneider-electric | 3 Ecostruxure Control Expert, Ecostruxure Process Expert, Remoteconnect | 2021-07-26 | 2.1 LOW | 5.5 MEDIUM |
| Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), and SCADAPack RemoteConnect for x70, all versions, that could cause an information leak allowing disclosure of network and process information, credentials or intellectual property when an attacker can access a project file. | |||||
| CVE-2019-14954 | 1 Jetbrains | 1 Intellij Idea | 2021-07-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection. | |||||
| CVE-2019-18376 | 1 Symantec | 1 Management Center | 2021-07-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated Management Center (MC) user's web browser history or a network device that intercepts/logs traffic to MC, to obtain CSRF tokens and use them to perform CSRF attacks against MC. | |||||
| CVE-2020-15509 | 1 Nordicsemi | 2 Android Ble Library, Dfu Library | 2021-07-21 | 3.3 LOW | 6.5 MEDIUM |
| Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android (as used by nRF Connect and other applications) can engage in unencrypted communication while showing the user that the communication is purportedly encrypted. The problem is in bond creation (e.g., internalCreateBond in BleManagerHandler). | |||||
| CVE-2020-26816 | 1 Sap | 1 Netweaver Application Server Java | 2021-07-21 | 2.7 LOW | 4.5 MEDIUM |
| SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access to the SAP NetWeaver AS Java to decode the keys because of missing encryption and get some application data and client credentials of adjacent systems. This highly impacts Confidentiality as information disclosed could contain client credentials of adjacent systems. | |||||
| CVE-2020-10941 | 2 Arm, Fedoraproject | 3 Mbed Crypto, Mbed Tls, Fedora | 2021-07-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import. | |||||
| CVE-2020-4597 | 2 Ibm, Linux | 2 Security Guardium Insights, Linux Kernel | 2021-07-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| IBM Security Guardium Insights 2.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 184822. | |||||
| CVE-2020-35658 | 1 Titanhq | 1 Spamtitan | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted. | |||||
| CVE-2019-16062 | 1 Netsas | 1 Enigma Network Management Solution | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database. It is possible for an attacker to expose unencrypted sensitive data. | |||||
| CVE-2019-14317 | 1 Wolfssl | 1 Wolfssl | 2021-07-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces. | |||||
| CVE-2019-19463 | 1 Huami | 1 Mi Fit | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Anhui Huami Mi Fit application before 4.0.11 for Android has an Unencrypted Update Check. | |||||
| CVE-2019-14959 | 1 Jetbrains | 1 Toolbox | 2021-07-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. | |||||
| CVE-2021-23211 | 1 Gallagher | 1 Command Centre | 2021-06-28 | 2.1 LOW | 4.4 MEDIUM |
| Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows Cloud end-to-end encryption key to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3). | |||||
| CVE-2021-20567 | 2 Ibm, Redhat | 2 Resilient Security Orchestration Automation And Response, Linux | 2021-06-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239. | |||||
| CVE-2012-5474 | 4 Debian, Fedoraproject, Openstack and 1 more | 4 Debian Linux, Fedora, Horizon and 1 more | 2021-03-09 | 2.1 LOW | 5.5 MEDIUM |
| The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. | |||||
| CVE-2020-29024 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2021-02-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could allow an attacker to gain access to sensitive cookies. This issue affects: Secomea GateManager all versions prior to 9.3. | |||||
| CVE-2019-1589 | 1 Cisco | 28 Nexus 9000, Nexus 92160yc-x, Nexus 92300yc and 25 more | 2020-10-13 | 2.1 LOW | 4.6 MEDIUM |
| A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The vulnerability is due to a lack of proper data-protection mechanisms for disk encryption keys that are used within the partitions on an affected device hard drive. An attacker could exploit this vulnerability by obtaining physical access to the affected device to view certain cleartext keys. A successful exploit could allow the attacker to execute a custom boot process or conduct further attacks on an affected device. | |||||
| CVE-2019-1692 | 1 Cisco | 1 Application Policy Infrastructure Controller | 2020-10-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, remote attacker to access sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms for certain components in the underlying Application Centric Infrastructure (ACI). An attacker could exploit this vulnerability by attempting to observe certain network traffic when accessing the APIC. A successful exploit could allow the attacker to access and collect certain tracking data and usage statistics on an affected device. | |||||