CWE-5
2 CVEs • Abstraction: Variant
J2EE Misconfiguration: Data Transmission Without Encryption
Information sent over a network can be compromised while in transit. An attacker may be able to read or modify the contents if the data are sent in plaintext or are weakly encrypted.
CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-enc...Show more |
1Aqara 3Camera Hub G3 Firmware Hub M2 FirmwareHub M3 FirmwareJun 17, 2026 Dec 10, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from...Show more |