NIST 800-53 r5 · Controls catalogue · Family SC
SC-9Transmission Confidentiality
Transmission Confidentiality
Last updated: 09 May 2026 03:25 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (0)
- No ATT&CK techniques mapped to this control yet.
Weaknesses this control addresses (4)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-319 | Cleartext Transmission of Sensitive Information | 1,042 | Directly prevents cleartext transmission of sensitive information by requiring encryption or equivalent confidentiality protections during transit. |
CWE-598 | Use of GET Request Method With Sensitive Query Strings | 75 | Protects sensitive data placed in query strings from interception in transit when confidentiality controls like HTTPS are enforced. |
CWE-300 | Channel Accessible by Non-Endpoint | 53 | Renders the transmission channel inaccessible to non-endpoint eavesdroppers through encryption, eliminating the weakness class. |
CWE-523 | Unprotected Transport of Credentials | 20 | Prevents unprotected transport of credentials by mandating confidentiality mechanisms such as TLS for all sensitive data flows. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
CVE-2024-44276 | 1.5 | 7.3 | 0.0006 | good |
CVE-2024-36558 | 1.5 | 7.5 | 0.0005 | good |