Use of plain HTTP.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | network |
| Provider | Nifcloud |
| Vulnerability Type | misconfiguration |
Description#
The configuration allows network traffic over plain HTTP, which transmits data without encryption. This exposes sensitive information to anyone able to intercept the network traffic.
Impact#
Attackers can eavesdrop on unencrypted HTTP traffic, potentially capturing credentials, session tokens, or other confidential data in transit. This can lead to data breaches, credential theft, and compromise of user or organizational information.
Resolution#
Switch to HTTPS to benefit from TLS security features