Common Weakness Enumeration

CWE-260

Allowed

Password in Configuration File

Abstraction: Base · Status: Incomplete

The product stores a password in a configuration file that might be accessible to actors who do not know the password.

42 vulnerabilities reference this CWE, most recent first.

CVE-2017-7923 (GCVE-0-2017-7923)

Vulnerability from cvelistv5 – Published: 2017-05-06 00:00 – Updated: 2024-12-27 20:58
VLAI
Summary
A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The password in configuration file vulnerability could allow a malicious user to escalate privileges or assume the identity of another user and access sensitive information.
Severity
No CVSS data available.
CWE
Assigner
Impacted products
Vendor Product Version
n/a Hikvision Cameras Affected: Hikvision Cameras
Date Public
2017-05-05 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-12-27T20:58:21.460Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.hikvision.com/us-en/support/document-center/special-notices/privilege-escalating-vulnerability-in-certain-hikvision-ip-cameras/"
          },
          {
            "url": "https://www.hikvision.com/cn/support/CybersecurityCenter/SecurityNotices/20170314/"
          },
          {
            "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-notification--privilege-escalating-vulnerability-in-cer/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01"
          },
          {
            "name": "98313",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98313"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ghostbin.com/paste/q2vq2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.hikvision.com/us/about_10807.html"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Hikvision Cameras",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Hikvision Cameras"
            }
          ]
        }
      ],
      "datePublic": "2017-05-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The password in configuration file vulnerability could allow a malicious user to escalate privileges or assume the identity of another user and access sensitive information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-260",
              "description": "CWE-260",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-18T03:57:01.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01"
        },
        {
          "name": "98313",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98313"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ghostbin.com/paste/q2vq2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.hikvision.com/us/about_10807.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-7923",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Hikvision Cameras",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Hikvision Cameras"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The password in configuration file vulnerability could allow a malicious user to escalate privileges or assume the identity of another user and access sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-260"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01"
            },
            {
              "name": "98313",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98313"
            },
            {
              "name": "https://ghostbin.com/paste/q2vq2",
              "refsource": "MISC",
              "url": "https://ghostbin.com/paste/q2vq2"
            },
            {
              "name": "http://www.hikvision.com/us/about_10807.html",
              "refsource": "MISC",
              "url": "http://www.hikvision.com/us/about_10807.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2017-7923",
    "datePublished": "2017-05-06T00:00:00.000Z",
    "dateReserved": "2017-04-18T00:00:00.000Z",
    "dateUpdated": "2024-12-27T20:58:21.460Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-7043 (GCVE-0-2016-7043)

Vulnerability from cvelistv5 – Published: 2019-05-15 15:46 – Updated: 2024-08-06 01:50
VLAI
Summary
It has been reported that KIE server and Busitess Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to ther services.
CWE
Assigner
References
Impacted products
Vendor Product Version
KIE kie-server Affected: affects < 7.21.0.Final
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:50:47.418Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7043"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/kiegroup/droolsjbpm-integration/pull/1273"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kie-server",
          "vendor": "KIE",
          "versions": [
            {
              "status": "affected",
              "version": "affects \u003c 7.21.0.Final"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "It has been reported that KIE server and Busitess Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to ther services."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-260",
              "description": "CWE-260",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-15T15:46:17.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7043"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/kiegroup/droolsjbpm-integration/pull/1273"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-7043",
    "datePublished": "2019-05-15T15:46:17.000Z",
    "dateReserved": "2016-08-23T00:00:00.000Z",
    "dateUpdated": "2024-08-06T01:50:47.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-5400 (GCVE-0-2014-5400)

Vulnerability from cvelistv5 – Published: 2015-04-03 10:00 – Updated: 2025-11-03 18:26
VLAI
Title
Hospira MedNet Password in Configuration File
Summary
The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.
Severity
No CVSS data available.
CWE
Assigner
Impacted products
Vendor Product Version
Hospira MedNet Affected: 0 , ≤ 5.8 (custom)
Unaffected: 6.1
Create a notification for this product.
Date Public
2015-03-31 06:00
Credits
Billy Rios
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T11:41:49.202Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MedNet",
          "vendor": "Hospira",
          "versions": [
            {
              "lessThanOrEqual": "5.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Billy Rios"
        }
      ],
      "datePublic": "2015-03-31T06:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.\u003c/p\u003e"
            }
          ],
          "value": "The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file."
        }
      ],
      "metrics": [
        {
          "cvssV2_0": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.8,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-260",
              "description": "CWE-260",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-03T18:26:56.284Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-090-03"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-090-03.json"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eHospira has developed a new version of the MedNet software, MedNet \n6.1. Hospira reports that MedNet 6.1 no longer uses hard-coded \npasswords, hard-coded cryptographic keys, and no longer stores passwords\n in clear text. Existing versions of MedNet can be upgraded to MedNet \n6.1.\u003c/p\u003e\n\u003cp\u003eHospira has produced mitigation recommendations that help mitigate \nthe vulnerability in the vulnerable version of JBoss Enterprise \nApplication Platform software, used in the MedNet software. This has \nbeen addressed by Hospira through issuance of the following knowledge \nbased articles: Improving Security in Hospira MedNet 5.5 (August 2014) \nand Improving Security in Hospira MedNet 5.8 (August 2014). For \nadditional information about Hospira\u2019s new releases and mitigation \nrecommendations, contact Hospira\u2019s technical support at 1-800-241-4002.\u003c/p\u003e"
            }
          ],
          "value": "Hospira has developed a new version of the MedNet software, MedNet \n6.1. Hospira reports that MedNet 6.1 no longer uses hard-coded \npasswords, hard-coded cryptographic keys, and no longer stores passwords\n in clear text. Existing versions of MedNet can be upgraded to MedNet \n6.1.\n\n\nHospira has produced mitigation recommendations that help mitigate \nthe vulnerability in the vulnerable version of JBoss Enterprise \nApplication Platform software, used in the MedNet software. This has \nbeen addressed by Hospira through issuance of the following knowledge \nbased articles: Improving Security in Hospira MedNet 5.5 (August 2014) \nand Improving Security in Hospira MedNet 5.8 (August 2014). For \nadditional information about Hospira\u2019s new releases and mitigation \nrecommendations, contact Hospira\u2019s technical support at 1-800-241-4002."
        }
      ],
      "source": {
        "advisory": "ICSA-15-090-03",
        "discovery": "EXTERNAL"
      },
      "title": "Hospira MedNet Password in Configuration File",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2014-5400",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2014-5400",
    "datePublished": "2015-04-03T10:00:00.000Z",
    "dateReserved": "2014-08-22T00:00:00.000Z",
    "dateUpdated": "2025-11-03T18:26:56.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

GHSA-3XPC-R2RV-GRC2

Vulnerability from github – Published: 2025-11-13 00:30 – Updated: 2025-11-13 00:30
VLAI
Details

IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-33119"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-12T22:15:44Z",
    "severity": "MODERATE"
  },
  "details": "IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user.",
  "id": "GHSA-3xpc-r2rv-grc2",
  "modified": "2025-11-13T00:30:17Z",
  "published": "2025-11-13T00:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33119"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7250932"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4VV5-FG3J-73P8

Vulnerability from github – Published: 2025-05-07 12:30 – Updated: 2025-05-07 12:30
VLAI
Details

IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is not stored as a Kubernetes secret.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-33093"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-260",
      "CWE-522"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-07T11:15:52Z",
    "severity": "HIGH"
  },
  "details": "IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is not stored as a Kubernetes secret.",
  "id": "GHSA-4vv5-fg3j-73p8",
  "modified": "2025-05-07T12:30:33Z",
  "published": "2025-05-07T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33093"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7232762"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7F9H-3V62-FX27

Vulnerability from github – Published: 2025-06-23 15:31 – Updated: 2025-06-23 15:31
VLAI
Details

Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-6513"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-23T13:15:23Z",
    "severity": "CRITICAL"
  },
  "details": "Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.",
  "id": "GHSA-7f9h-3v62-fx27",
  "modified": "2025-06-23T15:31:41Z",
  "published": "2025-06-23T15:31:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6513"
    },
    {
      "type": "WEB",
      "url": "https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0003.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C723-9J4V-77QC

Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36
VLAI
Details

A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-7925"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-260",
      "CWE-522"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-06T00:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information.",
  "id": "GHSA-c723-9j4v-77qc",
  "modified": "2022-05-13T01:36:14Z",
  "published": "2022-05-13T01:36:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7925"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-02"
    },
    {
      "type": "WEB",
      "url": "http://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/98312"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CXHQ-365X-27H7

Vulnerability from github – Published: 2022-05-17 04:14 – Updated: 2025-11-03 18:31
VLAI
Details

The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-5400"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-04-03T10:59:00Z",
    "severity": "LOW"
  },
  "details": "The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.",
  "id": "GHSA-cxhq-365x-27h7",
  "modified": "2025-11-03T18:31:09Z",
  "published": "2022-05-17T04:14:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5400"
    },
    {
      "type": "WEB",
      "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-090-03.json"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-090-03"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-F83J-6RQJ-VHPW

Vulnerability from github – Published: 2023-05-18 15:30 – Updated: 2023-05-18 15:30
VLAI
Details

A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255_B20211224. Affected is an unknown function of the file /squashfs-root/etc_ro/custom.conf of the component Telnet Service. The manipulation leads to password in configuration file. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229374 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-2790"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-18T13:15:09Z",
    "severity": "LOW"
  },
  "details": "A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255_B20211224. Affected is an unknown function of the file /squashfs-root/etc_ro/custom.conf of the component Telnet Service. The manipulation leads to password in configuration file. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229374 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-f83j-6rqj-vhpw",
  "modified": "2023-05-18T15:30:18Z",
  "published": "2023-05-18T15:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2790"
    },
    {
      "type": "WEB",
      "url": "https://drive.google.com/file/d/1RITXRvKele5aW42YFk0JeQHCq2B63lUj/view?usp=share_link"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.229374"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.229374"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HFCM-596P-C7F7

Vulnerability from github – Published: 2025-05-29 15:31 – Updated: 2025-05-29 15:31
VLAI
Details

An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the /config.php endpoint.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-48046"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256",
      "CWE-260"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-29T13:15:25Z",
    "severity": "MODERATE"
  },
  "details": "An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the /config.php endpoint.",
  "id": "GHSA-hfcm-596p-c7f7",
  "modified": "2025-05-29T15:31:08Z",
  "published": "2025-05-29T15:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48046"
    },
    {
      "type": "WEB",
      "url": "https://www.rapid7.com/blog/post/2025/05/29/cve-2025-48045-cve-2025-48046-cve-2025-48047-mici-netfax-server-product-vulnerabilities-not-fixed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation
Architecture and Design

Avoid storing passwords in easily accessible locations.

Mitigation
Architecture and Design

Consider storing cryptographic hashes of passwords as an alternative to storing in plaintext.

No CAPEC attack patterns related to this CWE.