Cleartext Transmission of Sensitive Information
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-319: Cleartext Transmission of Sensitive Information |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description#
The code sets up a Telnet server or client, which communicates without encrypting data. This means any sensitive information sent or received (like passwords) can be viewed by anyone monitoring the network.
Impact#
Attackers can intercept and read all information exchanged over Telnet, including credentials and private data. This exposes users and systems to risks like credential theft, unauthorized access, and data breaches.