Description

The system is not masking the data in the request and/or response, allowing sensitive and confidential information to be known.

Impact

Become aware of sensitive and/or confidential user information.

Recommendation

The system sends sensitive information through a channel or method that does not guarantee its confidentiality or integrity.

Threat

Anonymous attacker from adjacent network running a MitM.

Expected Remediation Time

⏱️ 30 minutes.

Requirements

Fixes