7 matches found
CVE-2025-34271 Nagios Log Server < 2024R2.0.2 Cluster Manager Credential Requests Sent Over Plaintext
Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the cluster manager component when requesting sensitive credentials from peer nodes over an unencrypted channel even when SSL/TLS is enabled in the product configuration. As a result, an attacker positioned on the network...
CVE-2025-54156
CVE-2025-54156 concerns the Sante PACS Server Web Portal, where credential information is transmitted without encryption. The advisory set across sources indicates the web portal transmits credentials in cleartext, creating a confidentiality risk (CVE-2025-54156). The CVE is evaluated with high i...
PT-2024-38563 · Unknown · Ewon Flexy 202
Name of the Vulnerable Software and Affected Versions: EWON FLEXY 202 affected versions not specified Description: The issue concerns the transmission of credentials using a weak encoding method, specifically base64. An attacker present in the network can intercept the traffic and decode the...
PT-2024-29610 · Opentext · Opentext Documentum Server
Name of the Vulnerable Software and Affected Versions: OpenText Documentum Server versions 16.7 through 23.4 Description: The issue is related to an Unprotected Transport of Credentials vulnerability in OpenText Documentum Server, which could allow Credential Stuffing. Recommendations: For versio...
CVE-2019-3640
Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention 11.x prior to 11.4.0 allows remote attackers with access to the network to collect login details to the LDAP server via the ePO extension not using a secure connection when testing LDAP connectivity...
CVE-2019-9013
An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component a...
CVE-2017-1694
IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165...