Lucene search
Veracode Vulnerability DatabaseVERACODE:47168HistoryMay 24, 2024 - 8:46 a.m.
Cleartext Transmission Of Sensitive Information
2024-05-2408:46:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
sensitive information
vulnerable
unencrypted channels
network
man-in-the-middle
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
6.7
Confidence
High
EPSS
0
Percentile
16.0%
NASA AIT-Core is vulnerable to Cleartext Transmission of Sensitive Information. The vulnerability is due to using unencrypted channels to exchange data over the network, which allows an attacker to conduct a Man-in-the-Middle attack.
Related
github
github
NASA AIT-Core uses unencrypted channels to exchange data over the network
2024-05-21 21:30:27
osv
osv
NASA AIT-Core uses unencrypted channels to exchange data over the network
2024-05-21 21:30:27
vulnrichment
vulnrichment
CVE-2024-35061
2024-05-21 00:00:00
nvd
nvd
CVE-2024-35061
2024-05-21 19:15:10
cve
cve
CVE-2024-35061
2024-05-21 19:15:10
cvelist
cvelist
CVE-2024-35061
2024-05-21 00:00:00
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
6.7
Confidence
High
EPSS
0
Percentile
16.0%
Related for VERACODE:47168