Cleartext Transmission of Sensitive Information
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-319: Cleartext Transmission of Sensitive Information |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
Using Python’s telnetlib sends all data, including passwords, over the network without encryption. This makes sensitive information easily accessible to anyone who can intercept the traffic.
Impact#
Attackers can eavesdrop on network communications and steal credentials or other sensitive data sent via Telnet, leading to unauthorized access and data breaches. Using unencrypted protocols like Telnet exposes your users and systems to significant security risks.