Cleartext Transmission of Sensitive Information
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-319: Cleartext Transmission of Sensitive Information |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The code creates a network socket without encryption, which means data sent over the connection is transmitted in plain text. This makes it easy for attackers to intercept and read sensitive information.
Impact#
If exploited, attackers on the same network could capture and view confidential data such as passwords or personal information sent through the socket. This can lead to data breaches, loss of user trust, and possible regulatory violations.