CWE-5

J2EE Misconfiguration: Data Transmission Without Encryption

1 CVEs Avg CVSS 7.5 MITRE

0

CRITICAL

1

HIGH

0

MEDIUM

0

LOW

0

POC

0

KEV

Monthly

CVE-2025-52435 HIGH PATCH This Week

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange. [CVSS 7.5 HIGH]

Apache Nimble

NVD GitHub

CVSS 3.1

7.5

EPSS

0.0%

CVE-2025-52435

EPSS 0% CVSS 7.5

HIGH PATCH This Week

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange. [CVSS 7.5 HIGH]

Apache Nimble

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy