Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-311
Total 209 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-5481 1 Netapp 1 Oncommand Unified Manager 2019-10-02 5.8 MEDIUM 7.4 HIGH
OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
CVE-2018-5482 1 Netapp 1 Snapcenter Server 2019-10-02 5.0 MEDIUM 5.3 MEDIUM
NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel.
CVE-2018-10825 1 Mimobaby 2 Mimo Baby 2, Mimo Baby 2 Firmware 2019-10-02 2.9 LOW 5.3 MEDIUM
Mimo Baby 2 devices do not use authentication or encryption for the Bluetooth Low Energy (BLE) communication from a Turtle to a Lilypad, which allows attackers to inject fake information about the position and temperature of a baby via a replay or spoofing attack.
CVE-2018-1340 1 Apache 1 Guacamole 2019-10-02 5.0 MEDIUM 7.5 HIGH
Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain.
CVE-2018-14608 2 Microsoft, Thomsonreuters 2 Windows, Ultratax Cs 2019-10-02 5.0 MEDIUM 7.5 HIGH
Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext. Specifically, it stores customer data in unique directories (%install_path%\WinCSI\UT17DATA\client_ID\file_name.XX17) that can be bypassed without authentication by examining the strings of the .XX17 file. The strings stored in the .XX17 file contain each customer's: Full Name, Spouse's Name, Social Security Number, Date of Birth, Occupation, Home Address, Daytime Phone Number, Home Phone Number, Spouse's Address, Spouse's Daytime Phone Number, Spouse's Social Security Number, Spouse's Home Phone Number, Spouse's Occupation, Spouse's Date of Birth, and Spouse's Filing Status.
CVE-2017-9854 1 Sma 78 Sunny Boy 1.5, Sunny Boy 1.5 Firmware, Sunny Boy 2.5 and 75 more 2019-10-02 5.0 MEDIUM 9.8 CRITICAL
** DISPUTED ** An issue was discovered in SMA Solar Technology products. By sniffing for specific packets on the localhost, plaintext passwords can be obtained as they are typed into Sunny Explorer by the user. These passwords can then be used to compromise the overall device. NOTE: the vendor reports that exploitation likelihood is low because these packets are usually sent only once during installation. Also, only Sunny Boy TLST-21 and TL-21 and Sunny Tripower TL-10 and TL-30 could potentially be affected.
CVE-2018-14607 1 Thomsonreuters 1 Ultratax Cs 2017 2019-10-02 5.0 MEDIUM 7.5 HIGH
Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer records and bank account numbers in cleartext over SMBv2, which allows attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. The customer record transferred in cleartext contains: Client ID, Full Name, Spouse's Full Name, Social Security Number, Spouse's Social Security Number, Occupation, Spouse's Occupation, Daytime Phone, Home Phone, Tax Preparer, Federal and State Taxes to File, Bank Name, Bank Account Number, and possibly other sensitive information.
CVE-2017-9604 1 Kde 3 Kde, Kmail, Messagelib 2019-10-02 5.0 MEDIUM 7.5 HIGH
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2017-9045 1 Google 1 Google I\/o 2017 2019-10-02 4.3 MEDIUM 5.9 MEDIUM
The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http://storage.googleapis.com without SSL, which makes it easier for man-in-the-middle attackers to spoof Feed and Schedule data by creating a modified blocks_v4.json file.
CVE-2017-8168 1 Huawei 1 Fusionsphere Openstack 2019-10-02 3.3 LOW 4.3 MEDIUM
FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability. Due to an incorrect configuration item, the information transmitted by a transmission channel is not encrypted. An attacker accessing the internal network may obtain sensitive information transmitted.
CVE-2017-8221 1 Wificam 2 Wireless Ip Camera \(p2p\), Wireless Ip Camera \(p2p\) Firmware 2019-10-02 5.0 MEDIUM 7.5 HIGH
Wireless IP Camera (P2P) WIFICAM devices rely on a cleartext UDP tunnel protocol (aka the Cloud feature) for communication between an Android application and a camera device, which allows remote attackers to obtain sensitive information by sniffing the network.
CVE-2017-7485 1 Postgresql 1 Postgresql 2019-10-02 4.3 MEDIUM 5.9 MEDIUM
In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. An active Man-in-the-Middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client and a server.
CVE-2017-6445 1 Openelec 1 Openelec 2019-10-02 7.6 HIGH 8.1 HIGH
The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and 8.0.4 uses neither encrypted connections nor signed updates. A man-in-the-middle attacker could manipulate the update packages to gain root access remotely.
CVE-2017-6297 1 Mikrotik 1 Routeros 2019-10-02 4.3 MEDIUM 5.9 MEDIUM
The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and obtaining the L2TP secret.
CVE-2018-20465 1 Craftcms 1 Craft Cms 2019-10-02 4.0 MEDIUM 7.2 HIGH
Craft CMS through 3.0.34 allows remote authenticated administrators to read sensitive information via server-side template injection, as demonstrated by a {% string for craft.app.config.DB.user and craft.app.config.DB.password in the URI Format of the Site Settings, which causes a cleartext username and password to be displayed in a URI field.
CVE-2018-20100 1 August 2 August Connect, August Connect Firmware 2019-10-02 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered on August Connect devices. Insecure data transfer between the August app and August Connect during configuration allows attackers to discover home Wi-Fi credentials. This data transfer uses an unencrypted access point for these credentials, and passes them in an HTTP POST, using the AugustWifiDevice class, with data encrypted with a fixed key found obfuscated in the app.
CVE-2018-6674 2 Mcafee, Microsoft 2 Virusscan Enterprise, Windows 2019-10-02 2.1 LOW 3.9 LOW
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).
CVE-2018-16837 3 Debian, Redhat, Suse 5 Debian Linux, Ansible Engine, Ansible Tower and 2 more 2019-10-02 2.1 LOW 7.8 HIGH
Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.
CVE-2017-15609 1 Octopus 1 Octopus Deploy 2019-10-02 5.0 MEDIUM 7.5 HIGH
Octopus before 3.17.7 allows attackers to obtain sensitive cleartext information by reading a variable JSON file in certain situations involving Offline Drop Targets.
CVE-2017-15581 1 Writediary 1 Diary With Lock 2019-10-02 5.0 MEDIUM 7.5 HIGH
In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ... secrets and feelings," which allows remote attackers to obtain sensitive information by sniffing the network during LoginActivity or NoteActivity execution.