BaseDraft
CWE-319Cleartext Transmission of Sensitive Information
Category: data-exposure
Description
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Common consequences· 2
- Integrity / Confidentiality — Read Application Data, Modify Files or DirectoriesAnyone can read the information by gaining access to the channel being used for communication. Many communication channels can be "sniffed" (monitored) by adversaries during data transmission. For example, in networking, packets can traverse many intermediary nodes from the source to the destination, whether across the internet, an internal network, the cloud, etc. Some actors might have privileged access to a network interface or any link along the channel, such as a router, but they might not be authorized to collect the underlying data. As a result, network traffic could be sniffed by adversaries, spilling security-critical data.
- Integrity / Confidentiality — Read Application Data, Modify Files or Directories, OtherWhen full communications are recorded or logged, such as with a packet dump, an adversary could attempt to obtain the dump long after the transmission has occurred and try to "sniff" the cleartext from the recorded communications in the dump itself. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.
Potential mitigations· 5
- [Architecture and Design]Before transmitting, encrypt the data using reliable, confidentiality-protecting cryptographic protocols.
- [Implementation]When using web applications with SSL, use SSL for the entire session from login to logout, not just for the initial login page.
- [Implementation]When designing hardware platforms, ensure that approved encryption algorithms (such as those recommended by NIST) protect paths from security critical data to trusted user applications.
- [Testing]Use tools and techniques that require manual (human) analysis, such as penetration testing, threat modeling, and interactive tools that allow the tester to record and modify an active session. These may be more effective than strictly automated techniques. This is especially the case with weaknesses that are related to design and business rules.
- [Operation]Configure servers to use encrypted channels for communication, which may include SSL or other secure protocols.
Related CAPEC attack patterns· 5
References
Exploits (incoming)5
| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | Interceptioncapec-117 | 100% | live |
| AttackPattern | Sniff Application Codecapec-65 | 100% | live |
| AttackPattern | Harvesting Information via API Event Monitoringcapec-383 | 100% | live |
| AttackPattern | Session Sidejackingcapec-102 | 100% | live |
| AttackPattern | Signature Spoofing by Mixing Signed and Unsigned Contentcapec-477 | 100% | live |
Compliance frameworks addressing this (incoming)6
| Type | Target | Confidence | Tier |
|---|---|---|---|
| ComplianceControl | gdpr-art25 | 100% | live |
| ComplianceControl | nis2-art21h | 100% | live |
| ComplianceControl | pci_dss_v4-r4 | 100% | live |
| ComplianceControl | cra-annexi-1 | 100% | live |
| ComplianceControl | nis2-art21j | 100% | live |
| ComplianceControl | owasp_top10-a02 | 100% | live |
(incoming)22
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-10174cve-2025-10174 | 0% | live |
| Vulnerability | CVE-2025-12508cve-2025-12508 | 0% | live |
| Vulnerability | CVE-2025-23060cve-2025-23060 | 0% | live |
| Vulnerability | CVE-2025-2311cve-2025-2311 | 0% | live |
| Vulnerability | CVE-2025-26199cve-2025-26199 | 0% | live |
| Vulnerability | CVE-2025-32880cve-2025-32880 | 0% | live |
| Vulnerability | CVE-2025-34271cve-2025-34271 | 0% | live |
| Vulnerability | CVE-2025-4378cve-2025-4378 | 0% | live |
| Vulnerability | CVE-2025-50110cve-2025-50110 | 0% | live |
| Vulnerability | CVE-2025-52351cve-2025-52351 | 0% | live |
| Vulnerability | CVE-2025-54818cve-2025-54818 | 0% | live |
| Vulnerability | CVE-2025-55976cve-2025-55976 | 0% | live |
| Vulnerability | CVE-2025-56447cve-2025-56447 | 0% | live |
| Vulnerability | CVE-2025-59852cve-2025-59852 | 0% | live |
| Vulnerability | CVE-2025-61481cve-2025-61481 | 0% | live |
| Vulnerability | CVE-2025-62643cve-2025-62643 | 0% | live |
| Vulnerability | CVE-2025-65827cve-2025-65827 | 0% | live |
| Vulnerability | CVE-2025-69969cve-2025-69969 | 0% | live |
| Vulnerability | CVE-2025-7743cve-2025-7743 | 0% | live |
| Vulnerability | CVE-2026-24060cve-2026-24060 | 0% | live |
| Vulnerability | CVE-2026-5119cve-2026-5119 | 0% | live |
| Vulnerability | CVE-2026-7610cve-2026-7610 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.