CWE-319
Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
CVE-2023-22597 (GCVE-0-2023-22597)
Vulnerability from cvelistv5 – Published: 2023-01-12 22:27 – Updated: 2025-01-16 22:02
VLAI
Summary
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An unauthorized user could intercept this communication and steal sensitive information such as configuration information and MQTT credentials; this could allow MQTT command injection.
Severity
6.5 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-2… | government-resource |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| InHand Networks | InRouter 302 |
Affected:
0 , < IR302 V3.5.56
(custom)
|
|
| InHand Networks | InRouter 615 |
Affected:
0 , < InRouter6XX-S-V2.3.0.r5542
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:49.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22597",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T20:22:36.931687Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T22:02:41.714Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InRouter 302",
"vendor": "InHand Networks",
"versions": [
{
"lessThan": "IR302 V3.5.56",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "InRouter 615",
"vendor": "InHand Networks",
"versions": [
{
"lessThan": "InRouter6XX-S-V2.3.0.r5542",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Roni Gavrilov"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "OTORIO"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An unauthorized user could intercept this communication and steal sensitive information such as configuration information and MQTT credentials; this could allow MQTT command injection. \u003c/span\u003e\n\n"
}
],
"value": "\nInHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An unauthorized user could intercept this communication and steal sensitive information such as configuration information and MQTT credentials; this could allow MQTT command injection. \n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-12T22:27:53.790Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-03"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-22597",
"datePublished": "2023-01-12T22:27:53.790Z",
"dateReserved": "2023-01-03T19:55:20.124Z",
"dateUpdated": "2025-01-16T22:02:41.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22806 (GCVE-0-2023-22806)
Vulnerability from cvelistv5 – Published: 2023-02-15 17:28 – Updated: 2025-01-16 21:56
VLAI
Title
CVE-2023-22806
Summary
LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT protocol. This could allow an attacker to gain sensitive information such as user credentials.
Severity
7.5 (High)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| LS Electric | XBC-DN32U |
Affected:
Operating System Version 01.80
|
Date Public
2023-02-09 21:04
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:31.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-02"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22806",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T20:56:40.532393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T21:56:27.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "XBC-DN32U",
"vendor": "LS Electric",
"versions": [
{
"status": "affected",
"version": "Operating System Version 01.80"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "HeeA Go of Dankook University reported these vulnerabilities"
}
],
"datePublic": "2023-02-09T21:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eLS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT protocol. This could allow an attacker to gain sensitive information such as user credentials.\u003c/p\u003e"
}
],
"value": "LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT protocol. This could allow an attacker to gain sensitive information such as user credentials.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T17:28:53.471Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-02"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2023-22806",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eLS ELECTRIC is developing mitigations (to be released tentatively by the end of 2023) and recommends users follow the provided workarounds to reduce the risk of exploitation: \u003c/p\u003e\u003cul\u003e\u003cli\u003eRestrict communication to the PLC to only trusted IP addresses and trusted devices by enabling the \u201cHost Table\u201d option in the configuration window of the PLC. \u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nLS ELECTRIC is developing mitigations (to be released tentatively by the end of 2023) and recommends users follow the provided workarounds to reduce the risk of exploitation: \n\n * Restrict communication to the PLC to only trusted IP addresses and trusted devices by enabling the \u201cHost Table\u201d option in the configuration window of the PLC. \n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "VINCE 2.0.6",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-22806"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-22806",
"datePublished": "2023-02-15T17:28:53.471Z",
"dateReserved": "2023-01-06T18:49:55.855Z",
"dateUpdated": "2025-01-16T21:56:27.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22863 (GCVE-0-2023-22863)
Vulnerability from cvelistv5 – Published: 2023-01-18 18:46 – Updated: 2025-04-03 19:50
VLAI
Title
IBM Robotic Process Automation information disclosure
Summary
IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109.
Severity
5.9 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/6855837 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Robotic Process Automation |
Affected:
20.12.0 , < 21.0.2
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:31.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6855837"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244109"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T16:01:55.093206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T19:50:13.063Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Robotic Process Automation",
"vendor": "IBM",
"versions": [
{
"lessThan": "21.0.2",
"status": "affected",
"version": "20.12.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109."
}
],
"value": "IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-18T18:46:54.882Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/6855837"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244109"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Robotic Process Automation information disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-22863",
"datePublished": "2023-01-18T18:46:54.882Z",
"dateReserved": "2023-01-09T15:16:41.369Z",
"dateUpdated": "2025-04-03T19:50:13.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22870 (GCVE-0-2023-22870)
Vulnerability from cvelistv5 – Published: 2023-09-05 00:46 – Updated: 2024-09-26 18:27
VLAI
Title
IBM Aspera Faspex information disclosure
Summary
IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 244121.
Severity
5.9 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7029681 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Aspera Faspex |
Affected:
5.0.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:31.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/7029681"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244121"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22870",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T18:03:00.024971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T18:27:59.631Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Aspera Faspex",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "5.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 244121."
}
],
"value": "IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 244121."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-05T00:46:14.649Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7029681"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244121"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Aspera Faspex information disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-22870",
"datePublished": "2023-09-05T00:46:14.649Z",
"dateReserved": "2023-01-09T15:16:49.250Z",
"dateUpdated": "2024-09-26T18:27:59.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23371 (GCVE-0-2023-23371)
Vulnerability from cvelistv5 – Published: 2023-10-06 16:36 – Updated: 2024-09-19 14:45
VLAI
Title
QVPN Device Client
Summary
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors.
We have already fixed the vulnerability in the following version:
QVPN Windows 2.2.0.0823 and later
Severity
5.2 (Medium)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QVPN Windows |
Affected:
2.2.x , < 2.2.0.0823
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.641Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-23-39"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T14:24:41.197936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T14:45:34.271Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QVPN Windows",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.2.0.0823",
"status": "affected",
"version": "2.2.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Runzi Zhao, Security Researcher, QI-ANXIN"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQVPN Windows 2.2.0.0823 and later\u003cbr\u003e"
}
],
"value": "A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors.\n\nWe have already fixed the vulnerability in the following version:\nQVPN Windows 2.2.0.0823 and later\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-319",
"description": "CWE-319",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-06T16:36:01.562Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-39"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQVPN Windows 2.2.0.0823 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQVPN Windows 2.2.0.0823 and later\n"
}
],
"source": {
"advisory": "QSA-23-39",
"discovery": "EXTERNAL"
},
"title": "QVPN Device Client",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2023-23371",
"datePublished": "2023-10-06T16:36:01.562Z",
"dateReserved": "2023-01-11T20:15:53.087Z",
"dateUpdated": "2024-09-19T14:45:34.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23841 (GCVE-0-2023-23841)
Vulnerability from cvelistv5 – Published: 2023-06-15 00:00 – Updated: 2024-12-12 21:02
VLAI
Title
SolarWinds Serv-U Exposure of Sensitive Information Vulnerability
Summary
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data.
Severity
7.5 (High)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.solarwinds.com/trust-center/security-… | vendor-advisory |
| https://documentation.solarwinds.com/en/success_c… | release-notes |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| SolarWinds | ServU |
Affected:
previous versions , ≤ 15.3.2
(15.4)
|
Date Public
2023-05-16 17:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:26.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23841"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/serv-u_15-4_release_notes.htm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23841",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-12T21:02:22.696382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T21:02:58.158Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ServU",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "15.3.2",
"status": "affected",
"version": "previous versions",
"versionType": "15.4"
}
]
}
],
"datePublic": "2023-05-16T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSolarWinds Serv-U is submitting an HTTP request when changing or updating \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe attributes\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e for File Share or File request.\u202f Part of the URL of the request discloses sensitive data.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.\u202f Part of the URL of the request discloses sensitive data."
}
],
"impacts": [
{
"capecId": "CAPEC-204",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-204 Lifting Sensitive Data Embedded in Cache"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-03T20:20:31.933Z",
"orgId": "49f11609-934d-4621-84e6-e02e032104d6",
"shortName": "SolarWinds"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23841"
},
{
"tags": [
"release-notes"
],
"url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/serv-u_15-4_release_notes.htm"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SolarWinds recommends customers upgrade to SolarWinds Serv-U version 15.4 as soon as it becomes available. The expected release date is May 17, 2023."
}
],
"value": "SolarWinds recommends customers upgrade to SolarWinds Serv-U version 15.4 as soon as it becomes available. The expected release date is May 17, 2023."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SolarWinds Serv-U Exposure of Sensitive Information Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
"assignerShortName": "SolarWinds",
"cveId": "CVE-2023-23841",
"datePublished": "2023-06-15T00:00:00.000Z",
"dateReserved": "2023-01-18T00:00:00.000Z",
"dateUpdated": "2024-12-12T21:02:58.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23914 (GCVE-0-2023-23914)
Vulnerability from cvelistv5 – Published: 2023-02-23 00:00 – Updated: 2025-03-12 18:52
VLAI
Summary
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on.
Severity
9.1 (Critical)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information (CWE-319)
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | https://github.com/curl/curl |
Affected:
Fixed in 7.88.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1813864"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230309-0006/"
},
{
"name": "GLSA-202310-12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-12"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-23914",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-12T18:51:37.968536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T18:52:09.064Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/curl/curl",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 7.88.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is provided in the URL. ThisHSTS mechanism would however surprisingly be ignored by subsequent transferswhen done on the same command line because the state would not be properlycarried on."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "Cleartext Transmission of Sensitive Information (CWE-319)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T10:06:32.942Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1813864"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230309-0006/"
},
{
"name": "GLSA-202310-12",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-12"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-23914",
"datePublished": "2023-02-23T00:00:00.000Z",
"dateReserved": "2023-01-19T00:00:00.000Z",
"dateUpdated": "2025-03-12T18:52:09.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23915 (GCVE-0-2023-23915)
Vulnerability from cvelistv5 – Published: 2023-02-23 00:00 – Updated: 2026-02-13 20:09
VLAI
Summary
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS.
Severity
6.5 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information (CWE-319)
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | https://github.com/curl/curl |
Affected:
Fixed in 7.88.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:27.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1826048"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230309-0006/"
},
{
"name": "GLSA-202310-12",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-12"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-23915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T18:46:29.585636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-13T20:09:56.111Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/curl/curl",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 7.88.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A cleartext transmission of sensitive information vulnerability exists in curl \u003cv7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HSTS."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "Cleartext Transmission of Sensitive Information (CWE-319)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-11T10:06:31.422Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1826048"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230309-0006/"
},
{
"name": "GLSA-202310-12",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-12"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-23915",
"datePublished": "2023-02-23T00:00:00.000Z",
"dateReserved": "2023-01-19T00:00:00.000Z",
"dateUpdated": "2026-02-13T20:09:56.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-25848 (GCVE-0-2023-25848)
Vulnerability from cvelistv5 – Published: 2023-08-25 18:44 – Updated: 2024-10-08 16:33
VLAI
Title
BUG-000158039 - There is an information disclosure issue in ArcGIS Server.
Summary
ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue.
The information disclosed is limited to a single attribute in a database connection string. No business data is disclosed.
Severity
5.3 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Esri | ArcGIS Enterprise Server |
Affected:
10.8.1
Affected: 10.9.1 Affected: 11.0 Affected: 11.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:32:12.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/announcements/arcgis-server-map-and-feature-service-security-2023-update-1-patch/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25848",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T15:01:22.781949Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T15:01:51.359Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"x86"
],
"product": "ArcGIS Enterprise Server",
"vendor": "Esri",
"versions": [
{
"status": "affected",
"version": "10.8.1"
},
{
"status": "affected",
"version": "10.9.1"
},
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "11.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(13, 17, 23);\"\u003e\n\n\u003cp\u003e\u003cstrong\u003e\n\nArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue. \u003cbr\u003e\nThe information disclosed is limited to a single attribute in a database connection string. No business data is disclosed.\n\n\u003c/strong\u003e\u003cbr\u003e\u003c/p\u003e\n\n\u003c/span\u003e"
}
],
"value": "ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue. \n\nThe information disclosed is limited to a single attribute in a database connection string. No business data is disclosed."
}
],
"impacts": [
{
"capecId": "CAPEC-54",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-54 Query System for Information"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T16:33:52.950Z",
"orgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e",
"shortName": "Esri"
},
"references": [
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/announcements/arcgis-server-map-and-feature-service-security-2023-update-1-patch/"
}
],
"source": {
"defect": [
"BUG-000158039"
],
"discovery": "UNKNOWN"
},
"title": "BUG-000158039 - There is an information disclosure issue in ArcGIS Server.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "cedc17bb-4939-4f40-a1f4-30ae8af1094e",
"assignerShortName": "Esri",
"cveId": "CVE-2023-25848",
"datePublished": "2023-08-25T18:44:14.016Z",
"dateReserved": "2023-02-15T17:59:31.099Z",
"dateUpdated": "2024-10-08T16:33:52.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27291 (GCVE-0-2023-27291)
Vulnerability from cvelistv5 – Published: 2024-03-03 15:39 – Updated: 2024-09-19 15:09
VLAI
Title
IBM Watson CP4D Data Stores information disclosure
Summary
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information. IBM X-Force ID: 248740.
Severity
4.5 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/6965458 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Watson CP4D Data Stores |
Affected:
4.6.0, 4.6.1, 4.6.2, 4.6.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27291",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T21:06:18.292724Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T21:06:24.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6965458"
},
{
"tags": [
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/248740"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Watson CP4D Data Stores",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "4.6.0, 4.6.1, 4.6.2, 4.6.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information. IBM X-Force ID: 248740."
}
],
"value": "IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information. IBM X-Force ID: 248740."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:09:09.016Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/6965458"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/248740"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Watson CP4D Data Stores information disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-27291",
"datePublished": "2024-03-03T15:39:55.755Z",
"dateReserved": "2023-02-27T17:47:22.587Z",
"dateUpdated": "2024-09-19T15:09:09.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Before transmitting, encrypt the data using reliable, confidentiality-protecting cryptographic protocols.
Mitigation
Phase: Implementation
Description:
- When using web applications with SSL, use SSL for the entire session from login to logout, not just for the initial login page.
Mitigation
Phase: Implementation
Description:
- When designing hardware platforms, ensure that approved encryption algorithms (such as those recommended by NIST) protect paths from security critical data to trusted user applications.
Mitigation
Phase: Testing
Description:
- Use tools and techniques that require manual (human) analysis, such as penetration testing, threat modeling, and interactive tools that allow the tester to record and modify an active session. These may be more effective than strictly automated techniques. This is especially the case with weaknesses that are related to design and business rules.
Mitigation
Phase: Operation
Description:
- Configure servers to use encrypted channels for communication, which may include SSL or other secure protocols.
CAPEC-102: Session Sidejacking
Session sidejacking takes advantage of an unencrypted communication channel between a victim and target system. The attacker sniffs traffic on a network looking for session tokens in unencrypted traffic. Once a session token is captured, the attacker performs malicious actions by using the stolen token with the targeted application to impersonate the victim. This attack is a specific method of session hijacking, which is exploiting a valid session token to gain unauthorized access to a target system or information. Other methods to perform a session hijacking are session fixation, cross-site scripting, or compromising a user or server machine and stealing the session token.
CAPEC-117: Interception
An adversary monitors data streams to or from the target for information gathering purposes. This attack may be undertaken to solely gather sensitive information or to support a further attack against the target. This attack pattern can involve sniffing network traffic as well as other types of data streams (e.g. radio). The adversary can attempt to initiate the establishment of a data stream or passively observe the communications as they unfold. In all variants of this attack, the adversary is not the intended recipient of the data stream. In contrast to other means of gathering information (e.g., targeting data leaks), the adversary must actively position themself so as to observe explicit data channels (e.g. network traffic) and read the content. However, this attack differs from a Adversary-In-the-Middle (CAPEC-94) attack, as the adversary does not alter the content of the communications nor forward data to the intended recipient.
CAPEC-383: Harvesting Information via API Event Monitoring
An adversary hosts an event within an application framework and then monitors the data exchanged during the course of the event for the purpose of harvesting any important data leaked during the transactions. One example could be harvesting lists of usernames or userIDs for the purpose of sending spam messages to those users. One example of this type of attack involves the adversary creating an event within the sub-application. Assume the adversary hosts a "virtual sale" of rare items. As other users enter the event, the attacker records via AiTM (CAPEC-94) proxy the user_ids and usernames of everyone who attends. The adversary would then be able to spam those users within the application using an automated script.
CAPEC-477: Signature Spoofing by Mixing Signed and Unsigned Content
An attacker exploits the underlying complexity of a data structure that allows for both signed and unsigned content, to cause unsigned data to be processed as though it were signed data.
CAPEC-65: Sniff Application Code
An adversary passively sniffs network communications and captures application code bound for an authorized client. Once obtained, they can use it as-is, or through reverse-engineering glean sensitive information or exploit the trust relationship between the client and server. Such code may belong to a dynamic update to the client, a patch being applied to a client component or any such interaction where the client is authorized to communicate with the server.