CVEbaza.plCWE DictionaryCWE-5
Common Weakness Enumeration

CWE-5

J2EE Misconfiguration: Data Transmission Without Encryption

Category: VariantCVE: 2
Description

Information sent over a network can be compromised while in transit. An attacker may be able to read or modify the contents if the data are sent in plaintext or are weakly encrypted.

CVE vulnerabilities with CWE-5 (2)
7.5
CVSS
HIGH
CVE-2025-52435

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange. This issue affects Apache NimBLE: through <= 1.8.0. Users are recommended to upgrade to version 1.9.0, which fixes the issue.

pub. 2026-01-10
7.5
CVSS
HIGH
CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer.

pub. 2025-12-10
Information
ID: CWE-5
Type: Variant
Vulnerabilities: 2
MITRE CWE ↗
← CWE Dictionary