Common Weakness Enumeration

CWE-256

Allowed

Plaintext Storage of a Password

Abstraction: Base · Status: Incomplete

The product stores a password in plaintext within resources such as memory or files.

397 vulnerabilities reference this CWE, most recent first.

GHSA-3MGG-3HQG-JJQ6

Vulnerability from github – Published: 2024-12-18 18:30 – Updated: 2024-12-18 18:30
VLAI
Details

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9

could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-50956"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-18T16:15:10Z",
    "severity": "MODERATE"
  },
  "details": "IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 \n\ncould allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.",
  "id": "GHSA-3mgg-3hqg-jjq6",
  "modified": "2024-12-18T18:30:52Z",
  "published": "2024-12-18T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50956"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7178587"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3PMF-5HR9-R9R6

Vulnerability from github – Published: 2025-02-27 21:32 – Updated: 2025-02-28 18:31
VLAI
Details

Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to store passwords in plaintext.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-41336"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-27T21:15:36Z",
    "severity": "HIGH"
  },
  "details": "Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to store passwords in plaintext.",
  "id": "GHSA-3pmf-5hr9-r9r6",
  "modified": "2025-02-28T18:31:01Z",
  "published": "2025-02-27T21:32:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41336"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
    },
    {
      "type": "WEB",
      "url": "http://draytek.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3RCX-PWRP-RJR2

Vulnerability from github – Published: 2024-06-14 15:31 – Updated: 2024-08-01 15:31
VLAI
Details

LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-33375"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-14T15:15:50Z",
    "severity": "CRITICAL"
  },
  "details": "LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router\u0027s firmware.",
  "id": "GHSA-3rcx-pwrp-rjr2",
  "modified": "2024-08-01T15:31:49Z",
  "published": "2024-06-14T15:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33375"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Credentials-Stored-in-Cleartext--%7C--Unencrypted-Credentials-%28CVE%E2%80%902024%E2%80%9033375%29"
    },
    {
      "type": "WEB",
      "url": "https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-lb-link-bl-w1210m-router"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-3WFW-CF7H-38C7

Vulnerability from github – Published: 2024-09-11 18:31 – Updated: 2024-09-11 18:31
VLAI
Details

A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials.

This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-20489"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256",
      "CWE-522"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-11T17:15:13Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials.\n\nThis vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials.",
  "id": "GHSA-3wfw-cf7h-38c7",
  "modified": "2024-09-11T18:31:08Z",
  "published": "2024-09-11T18:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20489"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ponctlr-ci-OHcHmsFL"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4777-JJJG-6MXH

Vulnerability from github – Published: 2025-05-27 03:30 – Updated: 2025-05-27 03:30
VLAI
Details

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-33079"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256",
      "CWE-522"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-27T02:15:19Z",
    "severity": "MODERATE"
  },
  "details": "IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code.",
  "id": "GHSA-4777-jjjg-6mxh",
  "modified": "2025-05-27T03:30:24Z",
  "published": "2025-05-27T03:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33079"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7234720"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-485Q-V457-3P58

Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-12-22 13:49
VLAI
Summary
Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin
Details

Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:mailcommander"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-2318"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256",
      "CWE-522"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-22T13:49:20Z",
    "nvd_published_at": "2020-11-04T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.",
  "id": "GHSA-485q-v457-3p58",
  "modified": "2022-12-22T13:49:20Z",
  "published": "2022-05-24T17:33:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2318"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/mail-commander-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2085"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin"
}

GHSA-4CPQ-X93Q-3PX9

Vulnerability from github – Published: 2024-04-25 18:30 – Updated: 2024-04-25 18:30
VLAI
Details

A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay's database.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-3624"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-25T18:15:10Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in how Quay\u0027s database is stored in plain-text in mirror-registry on the jinja\u0027s config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay\u0027s database.",
  "id": "GHSA-4cpq-x93q-3px9",
  "modified": "2024-04-25T18:30:40Z",
  "published": "2024-04-25T18:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3624"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-3624"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274407"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4H2J-P4RJ-JR68

Vulnerability from github – Published: 2024-06-14 06:34 – Updated: 2024-07-04 06:35
VLAI
Details

Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference URL.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27166"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-14T04:15:34Z",
    "severity": "HIGH"
  },
  "details": "Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference URL.",
  "id": "GHSA-4h2j-p4rj-jr68",
  "modified": "2024-07-04T06:35:04Z",
  "published": "2024-06-14T06:34:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27166"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html"
    },
    {
      "type": "WEB",
      "url": "https://www.toshibatec.com/information/20240531_01.html"
    },
    {
      "type": "WEB",
      "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jul/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4J9M-H44M-2HV8

Vulnerability from github – Published: 2026-07-02 20:32 – Updated: 2026-07-02 20:32
VLAI
Summary
Steeltoe: OAEP setting silently selects PKCS#1 v1.5 padding
Details

Summary

Configuring encrypt:rsa:algorithm=OAEP does not enable OAEP encryption. Due to an incorrect BouncyCastle transformation string, the OAEP setting selects PKCS#1 v1.5, which is the same algorithm as the DEFAULT setting.

Impact

Operators who configure encrypt:rsa:algorithm=OAEP to obtain CCA2-secure padding receive PKCS#1 v1.5 instead. Currently, Decrypt() is called only against operator-controlled configuration data, so no exploitable path exists, but any future code path that exposes a decryption oracle would be Bleichenbacher-vulnerable despite the OAEP setting.

Migration note

Existing {cipher} values produced under the broken OAEP setting were encrypted with PKCS#1 v1.5. The fix makes OAEP use actual OAEP padding, so those values will fail to decrypt after upgrading. Re-encrypt all affected {cipher} values after upgrading.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.1.0"
      },
      "package": {
        "ecosystem": "NuGet",
        "name": "Steeltoe.Configuration.Encryption"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-50268"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256",
      "CWE-327"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-02T20:32:21Z",
    "nvd_published_at": "2026-06-17T23:17:04Z",
    "severity": "LOW"
  },
  "details": "### Summary\n\nConfiguring `encrypt:rsa:algorithm=OAEP` does not enable OAEP encryption. Due to an incorrect BouncyCastle transformation string, the `OAEP` setting selects PKCS#1 v1.5, which is the same algorithm as the `DEFAULT` setting.\n\n### Impact\n\nOperators who configure `encrypt:rsa:algorithm=OAEP` to obtain CCA2-secure padding receive PKCS#1 v1.5 instead. Currently, `Decrypt()` is called only against operator-controlled configuration data, so no exploitable path exists, but any future code path that exposes a decryption oracle would be Bleichenbacher-vulnerable despite the `OAEP` setting.\n\n### Migration note\n\nExisting `{cipher}` values produced under the broken `OAEP` setting were encrypted with PKCS#1 v1.5. The fix makes `OAEP` use actual OAEP padding, so those values will fail to decrypt after upgrading. Re-encrypt all affected `{cipher}` values after upgrading.",
  "id": "GHSA-4j9m-h44m-2hv8",
  "modified": "2026-07-02T20:32:21Z",
  "published": "2026-07-02T20:32:21Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/SteeltoeOSS/security-advisories/security/advisories/GHSA-4j9m-h44m-2hv8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50268"
    },
    {
      "type": "WEB",
      "url": "https://github.com/SteeltoeOSS/Steeltoe/commit/6cfee5cccddf8f9a31de69b0ca5ccdd771b73e5b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/SteeltoeOSS/security-advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Steeltoe: OAEP setting silently selects PKCS#1 v1.5 padding"
}

GHSA-4V4V-92CX-X4F4

Vulnerability from github – Published: 2025-07-09 18:30 – Updated: 2025-11-05 20:13
VLAI
Summary
Jenkins Nouvola DiveCloud Plugin vulnerability does not mask keys on its job configuration form
Details

Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:nouvola-divecloud"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.08"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-53671"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-09T21:45:25Z",
    "nvd_published_at": "2025-07-09T16:15:26Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.",
  "id": "GHSA-4v4v-92cx-x4f4",
  "modified": "2025-11-05T20:13:01Z",
  "published": "2025-07-09T18:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53671"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/nouvola-divecloud-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3526"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/07/09/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins Nouvola DiveCloud Plugin vulnerability does not mask keys on its job configuration form"
}

Mitigation
Architecture and Design

Avoid storing passwords in easily accessible locations.

Mitigation
Architecture and Design

Consider storing cryptographic hashes of passwords as an alternative to storing in plaintext.

Mitigation

A programmer might attempt to remedy the password management problem by obscuring the password with an encoding function, such as base 64 encoding, but this effort does not adequately protect the password because the encoding can be detected and decoded easily.

No CAPEC attack patterns related to this CWE.