logo

CWE-5 - J2EE Misconfiguration: Data Transmission Without Encryption

CWE-5

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

J2EE Misconfiguration: Data Transmission Without Encryption

Description

Information sent over a network can be compromised while in transit. An attacker may be able to read or modify the contents if the data are sent in plaintext or are weakly encrypted.

Common Consequences

Scope: Confidentiality

Impact: Read Application Data

Scope: Integrity

Impact: Modify Application Data

Related Weaknesses

CWE-319Cleartext Transmission of Sensitive InformationHigh

  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website