CVE-2022-41327

MEDIUM Year: 2022
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-319
View all →

Vulnerability Description

A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.

Related Vulnerabilities

CVE-2021-39077

MEDIUM
CVSS:4.4(Medium)

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587.

CWE-3192021

CVE-2022-20243

MEDIUM
CVSS:4.4(Medium)

In Core Utilities, there is a possible log information disclosure. This could lead to local information disclosure of sensitive browsing data with System execution privileges needed. User interaction ...

CWE-3192022

CVE-2022-22457

MEDIUM
CVSS:4.4(Medium)

IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007...

CWE-3192022

CVE-2025-40583

MEDIUM
CVSS:4.4(Medium)

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices do transmit sensitive information in clea...

CWE-3192025

CVE-2021-23896

MEDIUM
CVSS:4.5(Medium)

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password...

CWE-3192021

CVE-2018-11399

MEDIUM
CVSS:4.3(Medium)

SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate attackers to obtain potentially sensitive information about the specific times when alarm-system events occu...

CWE-3192018