CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-4MWX-89HH-M9VR
Vulnerability from github – Published: 2023-01-09 09:30 – Updated: 2023-01-13 00:30IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225232.
{
"affected": [],
"aliases": [
"CVE-2022-22470"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-09T08:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225232.",
"id": "GHSA-4mwx-89hh-m9vr",
"modified": "2023-01-13T00:30:38Z",
"published": "2023-01-09T09:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22470"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225232"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6852697"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4P59-P85X-F3WX
Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2022-12-06 21:57Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:delphix"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.0.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-10453"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2022-12-06T21:57:01Z",
"nvd_published_at": "2019-10-16T14:15:00Z",
"severity": "HIGH"
},
"details": "Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.",
"id": "GHSA-4p59-p85x-f3wx",
"modified": "2022-12-06T21:57:01Z",
"published": "2022-05-24T16:58:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10453"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/delphix-plugin"
},
{
"type": "WEB",
"url": "https://jenkins.io/security/advisory/2019-10-16/#SECURITY-1450"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/10/16/6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Jenkins Delphix Plugin vulnerable to Cleartext credential storage"
}
GHSA-4Q47-PH87-FQ4F
Vulnerability from github – Published: 2022-05-24 17:12 – Updated: 2022-12-22 13:54Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password in plain text in the global configuration file org.jfrog.hudson.ArtifactoryBuilder.xml. This password can be viewed by users with access to the Jenkins controller file system.
Artifactory Plugin 3.6.0 now stores the Artifactory server password encrypted. This change is effective once the global configuration is saved the next time.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:artifactory"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-2164"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2022-12-22T13:54:52Z",
"nvd_published_at": "2020-03-25T17:15:00Z",
"severity": "LOW"
},
"details": "Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password in plain text in the global configuration file `org.jfrog.hudson.ArtifactoryBuilder.xml`. This password can be viewed by users with access to the Jenkins controller file system.\n\nArtifactory Plugin 3.6.0 now stores the Artifactory server password encrypted. This change is effective once the global configuration is saved the next time.",
"id": "GHSA-4q47-ph87-fq4f",
"modified": "2022-12-22T13:54:52Z",
"published": "2022-05-24T17:12:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2164"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/artifactory-plugin"
},
{
"type": "WEB",
"url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1542%20(1)"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/03/25/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Passwords stored in plain text by Jenkins Artifactory Plugin"
}
GHSA-4QRM-9H4R-V2FX
Vulnerability from github – Published: 2024-09-03 19:41 – Updated: 2024-09-03 21:45Impact
Tina search token leaked via lock file (tina-lock.json) in TinaCMS. Sites building with @tinacms/cli < 1.6.2 that use a search token are impacted.
If your Tina-enabled website has search setup, you should rotate that key immediately.
Patches
This issue has been patched in @tinacms/cli@1.6.2
Workarounds
Upgrading, and rotating search token is required for the proper fix.
References
https://github.com/tinacms/tinacms/pull/4758
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@tinacms/cli"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-45391"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2024-09-03T19:41:59Z",
"nvd_published_at": "2024-09-03T20:15:08Z",
"severity": "HIGH"
},
"details": "### Impact\nTina search token leaked via lock file (tina-lock.json) in TinaCMS. Sites building with @tinacms/cli \u003c 1.6.2 that use a search token are impacted.\n\nIf your Tina-enabled website has search setup, you should rotate that key immediately.\n\n### Patches\nThis issue has been patched in @tinacms/cli@1.6.2\n\n### Workarounds\nUpgrading, and rotating search token is required for the proper fix.\n\n### References\nhttps://github.com/tinacms/tinacms/pull/4758\n",
"id": "GHSA-4qrm-9h4r-v2fx",
"modified": "2024-09-03T21:45:34Z",
"published": "2024-09-03T19:41:59Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tinacms/tinacms/security/advisories/GHSA-4qrm-9h4r-v2fx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45391"
},
{
"type": "WEB",
"url": "https://github.com/tinacms/tinacms/pull/4758"
},
{
"type": "WEB",
"url": "https://github.com/tinacms/tinacms/commit/110f1ceea4574d636a64526648f7c8bf6539b26a"
},
{
"type": "PACKAGE",
"url": "https://github.com/tinacms/tinacms"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Tina search token leak via lock file in TinaCMS"
}
GHSA-4QWM-996C-W925
Vulnerability from github – Published: 2022-08-27 00:00 – Updated: 2022-09-02 00:01A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.
{
"affected": [],
"aliases": [
"CVE-2021-3585"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-26T16:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager.",
"id": "GHSA-4qwm-996c-w925",
"modified": "2022-09-02T00:01:09Z",
"published": "2022-08-27T00:00:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3585"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2021-3585"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/tripleo/+bug/1931132"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961709"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1968247"
},
{
"type": "WEB",
"url": "https://review.opendev.org/c/openstack/tripleo-heat-templates/+/791988"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4RGC-5G6R-2RJF
Vulnerability from github – Published: 2023-12-12 00:58 – Updated: 2023-12-12 00:58Impact
S3 credentials are logged in plain text
S3Creds:{Key:AKIAIOSFODNN7EXAMPLE Secret:wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
appears as part of the log message:
time="2023-05-12T13:51:52Z" level=error msg="failed to perform diff" func="pkg/plugins/diff.(*Service).RunDiff" file="build/pkg/plugins/diff/service.go:124" error="rpc error: code = Canceled desc = stream terminated by RST_STREAM with error code: CANCEL" host="localhost:8000" method=GET operation_id=OtfDiff params="{TablePaths:{Left:{Ref:data_load@ Path:aggs/agg_variety/} Right:{Ref:data_load Path:aggs/agg_variety/} Base:{Ref: Path:}} S3Creds:{Key:AKIAIOSFODNN7EXAMPLE Secret:wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY Endpoint:http://0.0.0.0:8000} Repo:example}" path="/api/v1/repositories/example/otf/refs/data_load%40/diff/data_load?table_path=aggs%2Fagg_variety%2F&type=delta" request_id=d3b6fdc7-2544-4c12-8e05-376f16e35a80 service_name=rest_api type=delta user=docker
Discovered when investigating #5862
Patches
Has the problem been patched? What versions should users upgrade to?
No
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
disable all logging?
References
Are there any links users can visit to find out more?
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/treeverse/lakefs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.101.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2023-12-12T00:58:29Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Impact\n\nS3 credentials are logged in plain text\n\n```\nS3Creds:{Key:AKIAIOSFODNN7EXAMPLE Secret:wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n```\n\nappears as part of the log message: \n\n```\ntime=\"2023-05-12T13:51:52Z\" level=error msg=\"failed to perform diff\" func=\"pkg/plugins/diff.(*Service).RunDiff\" file=\"build/pkg/plugins/diff/service.go:124\" error=\"rpc error: code = Canceled desc = stream terminated by RST_STREAM with error code: CANCEL\" host=\"localhost:8000\" method=GET operation_id=OtfDiff params=\"{TablePaths:{Left:{Ref:data_load@ Path:aggs/agg_variety/} Right:{Ref:data_load Path:aggs/agg_variety/} Base:{Ref: Path:}} S3Creds:{Key:AKIAIOSFODNN7EXAMPLE Secret:wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY Endpoint:http://0.0.0.0:8000} Repo:example}\" path=\"/api/v1/repositories/example/otf/refs/data_load%40/diff/data_load?table_path=aggs%2Fagg_variety%2F\u0026type=delta\" request_id=d3b6fdc7-2544-4c12-8e05-376f16e35a80 service_name=rest_api type=delta user=docker\n```\n\nDiscovered when investigating [#5862](https://github.com/treeverse/lakeFS/issues/5862)\n\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\n\nNo\n\n### Workarounds\n_Is there a way for users to fix or remediate the vulnerability without upgrading?_\n\ndisable all logging? \n\n### References\n_Are there any links users can visit to find out more?_\n\n",
"id": "GHSA-4rgc-5g6r-2rjf",
"modified": "2023-12-12T00:58:29Z",
"published": "2023-12-12T00:58:29Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/treeverse/lakeFS/security/advisories/GHSA-4rgc-5g6r-2rjf"
},
{
"type": "PACKAGE",
"url": "https://github.com/treeverse/lakeFS"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "lakeFS logs S3 credentials in plain text"
}
GHSA-4RP2-WHVP-25JM
Vulnerability from github – Published: 2022-05-13 01:10 – Updated: 2022-05-13 01:10Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS Temporary Credentials retrieved by AWS Cognito Identity Service. An attacker can use these credentials to create authenticated and/or authorized requests. Note that the attacker must have "root" privilege access to the Android filesystem in order to exploit this vulnerability (i.e. the device has been compromised, such as disabling or bypassing Android's fundamental security mechanisms).
{
"affected": [],
"aliases": [
"CVE-2018-19981"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-04T15:29:00Z",
"severity": "HIGH"
},
"details": "Amazon AWS SDK \u003c=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS Temporary Credentials retrieved by AWS Cognito Identity Service. An attacker can use these credentials to create authenticated and/or authorized requests. Note that the attacker must have \"root\" privilege access to the Android filesystem in order to exploit this vulnerability (i.e. the device has been compromised, such as disabling or bypassing Android\u0027s fundamental security mechanisms).",
"id": "GHSA-4rp2-whvp-25jm",
"modified": "2022-05-13T01:10:20Z",
"published": "2022-05-13T01:10:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19981"
},
{
"type": "WEB",
"url": "https://aws-amplify.github.io/aws-sdk-android/docs/reference/com/amazonaws/auth/CognitoCachingCredentialsProvider.html"
},
{
"type": "WEB",
"url": "https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_01.png"
},
{
"type": "WEB",
"url": "https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_02.png"
},
{
"type": "WEB",
"url": "https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_03.png"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4V3C-22G9-X3JM
Vulnerability from github – Published: 2022-05-24 16:47 – Updated: 2023-03-03 21:30IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allow the attacker to obtain highly sensitive information. IBM X-Force ID: 155554.
{
"affected": [],
"aliases": [
"CVE-2018-2028"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-06-06T01:29:00Z",
"severity": "MODERATE"
},
"details": "IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allow the attacker to obtain highly sensitive information. IBM X-Force ID: 155554.",
"id": "GHSA-4v3c-22g9-x3jm",
"modified": "2023-03-03T21:30:18Z",
"published": "2022-05-24T16:47:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2028"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/155554"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10880145"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4VFM-9FHJ-8C5X
Vulnerability from github – Published: 2022-05-24 17:20 – Updated: 2022-05-24 17:20An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the client_key, the device_id, and the public key for end-to-end encryption in cleartext, enabling an attacker (by copying or having access to the local storage database file) to login to the system from any other computer, and get unlimited access to all data in the users's context.
{
"affected": [],
"aliases": [
"CVE-2020-13637"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-06-17T17:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the client_key, the device_id, and the public key for end-to-end encryption in cleartext, enabling an attacker (by copying or having access to the local storage database file) to login to the system from any other computer, and get unlimited access to all data in the users\u0027s context.",
"id": "GHSA-4vfm-9fhj-8c5x",
"modified": "2022-05-24T17:20:46Z",
"published": "2022-05-24T17:20:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13637"
},
{
"type": "WEB",
"url": "http://www.jvanlaak.de/stashcat.html"
},
{
"type": "WEB",
"url": "http://www.jvanlaak.de/stashcat_CWE_312_200527.pdf"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-4VRP-PMWP-P4H4
Vulnerability from github – Published: 2025-04-23 18:30 – Updated: 2025-04-23 18:30BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability.
The specific flaw exists within the web-based user interface. The issue results from storing credentials in a recoverable format. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-25986.
{
"affected": [],
"aliases": [
"CVE-2025-2770"
],
"database_specific": {
"cwe_ids": [
"CWE-256",
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-23T17:16:55Z",
"severity": "MODERATE"
},
"details": "BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the web-based user interface. The issue results from storing credentials in a recoverable format. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-25986.",
"id": "GHSA-4vrp-pmwp-p4h4",
"modified": "2025-04-23T18:30:59Z",
"published": "2025-04-23T18:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2770"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-186"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.