CWE-5 - J2EE Misconfiguration: Data Transmission Without Encryption
- Abstraction:
- Variant
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
J2EE Misconfiguration: Data Transmission Without Encryption
- Description
Information sent over a network can be compromised while in transit. An attacker may be able to read or modify the contents if the data are sent in plaintext or are weakly encrypted.
- Common Consequences
Scope: Confidentiality
Impact: Read Application Data
Scope: Integrity
Impact: Modify Application Data
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free online web security scanner