CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause exposure of credentials when attacker has access to application on network over http
https://www.cisa.gov/news-events/ics-advisories/icsa-25-030-03