Cyber Resilience

NIST 800-53 r5 · Controls catalogue · Family SC

SC-9Transmission Confidentiality

Transmission Confidentiality

Last updated: 04 July 2026 00:28 UTC

Implementations targeting this control (0)

ATT&CK techniques this control mitigates (0)

Weaknesses this control addresses (4)AI

CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.

CWE Name CVEs Why this control addresses it
CWE-319Cleartext Transmission of Sensitive Information1,076Directly prevents cleartext transmission of sensitive information by requiring encryption or equivalent confidentiality protections during transit.
CWE-598Use of HTTP Request With Sensitive Query String80Protects sensitive data placed in query strings from interception in transit when confidentiality controls like HTTPS are enforced.
CWE-300Channel Accessible by Non-Endpoint54Renders the transmission channel inaccessible to non-endpoint eavesdroppers through encryption, eliminating the weakness class.
CWE-523Unprotected Transport of Credentials23Prevents unprotected transport of credentials by mandating confidentiality mechanisms such as TLS for all sensitive data flows.

Top CVEs where this control is the strongest mitigation

CVE Risk CVSS EPSS Match
CVE-2025-700485.57.50.0019good
CVE-2024-442765.57.30.0024good
CVE-2025-10174 UPD5.58.30.0012good
CVE-2026-236615.57.50.0070good
CVE-2025-137181.53.70.0018good
CVE-2024-365585.57.50.0014good

Other controls in family SC

SC-1 SC-10 SC-11 SC-12 SC-13 SC-14 SC-15 SC-16 SC-17 SC-18 SC-19 SC-2 SC-20 SC-21 SC-22 SC-23 SC-24 SC-25 SC-26 SC-27 SC-28 SC-29 SC-3 SC-30 SC-31 SC-32 SC-33 SC-34 SC-35 SC-36 SC-37 SC-38 SC-39 SC-4 SC-40 SC-41 SC-42 SC-43 SC-44 SC-45 SC-46 SC-47 SC-48 SC-49 SC-5 SC-50 SC-51 SC-6 SC-7 SC-8