Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-5C2R-F52F-MQ7P

Vulnerability from github – Published: 2024-11-26 09:30 – Updated: 2025-11-04 18:31
VLAI
Details

User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-29146"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-26T08:15:05Z",
    "severity": "MODERATE"
  },
  "details": "User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].",
  "id": "GHSA-5c2r-f52f-mq7p",
  "modified": "2025-11-04T18:31:30Z",
  "published": "2024-11-26T09:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29146"
    },
    {
      "type": "WEB",
      "url": "https://global.sharp/products/copier/info/info_security_2024-05.html"
    },
    {
      "type": "WEB",
      "url": "https://jp.sharp/business/print/information/info_security_2024-05.html"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU93051062"
    },
    {
      "type": "WEB",
      "url": "https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html"
    },
    {
      "type": "WEB",
      "url": "https://www.toshibatec.co.jp/information/20240531_02.html"
    },
    {
      "type": "WEB",
      "url": "https://www.toshibatec.com/information/20240531_02.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jul/0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5CJR-MRQ7-Q7WQ

Vulnerability from github – Published: 2024-01-09 03:30 – Updated: 2024-01-12 21:30
VLAI
Details

TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-27098"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-09T02:15:44Z",
    "severity": "HIGH"
  },
  "details": "TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.",
  "id": "GHSA-5cjr-mrq7-q7wq",
  "modified": "2024-01-12T21:30:18Z",
  "published": "2024-01-09T03:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27098"
    },
    {
      "type": "WEB",
      "url": "https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098"
    },
    {
      "type": "WEB",
      "url": "https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support"
    },
    {
      "type": "WEB",
      "url": "http://tp-lin.com"
    },
    {
      "type": "WEB",
      "url": "http://tp-link.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5F2H-GXRX-J654

Vulnerability from github – Published: 2024-08-02 12:31 – Updated: 2025-11-04 00:31
VLAI
Details

A vulnerability has been identified in Omnivise T3000 Application Server (All versions), Omnivise T3000 Domain Controller (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) (All versions), Omnivise T3000 Product Data Management (PDM) (All versions), Omnivise T3000 Security Server (All versions), Omnivise T3000 Terminal Server (All versions), Omnivise T3000 Thin Client (All versions), Omnivise T3000 Whitelisting Server (All versions). The affected devices stores initial system credentials without sufficient protection. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38877"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-02T11:16:41Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in Omnivise\u00a0T3000 Application Server (All versions), Omnivise T3000 Domain Controller (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) (All versions), Omnivise T3000 Product Data Management (PDM) (All versions), Omnivise T3000 Security Server (All versions), Omnivise\u00a0T3000 Terminal Server (All versions), Omnivise T3000 Thin Client (All versions), Omnivise T3000 Whitelisting Server (All versions). The affected devices stores initial system credentials without sufficient protection.  An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network.",
  "id": "GHSA-5f2h-gxrx-j654",
  "modified": "2025-11-04T00:31:10Z",
  "published": "2024-08-02T12:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38877"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-857368.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Nov/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-5FXV-93PC-G3CM

Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-05-24 17:38
VLAI
Details

Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-29501"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-05T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X \u0026 T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",
  "id": "GHSA-5fxv-93pc-g3cm",
  "modified": "2022-05-24T17:38:01Z",
  "published": "2022-05-24T17:38:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29501"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/000180775"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-5H92-393W-8JC6

Vulnerability from github – Published: 2024-07-25 12:32 – Updated: 2024-07-25 12:32
VLAI
Details

Plaintext vulnerability in the Gallery search module. Impact: Successful exploitation of this vulnerability will affect availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-39674"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-25T12:15:03Z",
    "severity": "MODERATE"
  },
  "details": "Plaintext vulnerability in the Gallery search module.\nImpact: Successful exploitation of this vulnerability will affect availability.",
  "id": "GHSA-5h92-393w-8jc6",
  "modified": "2024-07-25T12:32:02Z",
  "published": "2024-07-25T12:32:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39674"
    },
    {
      "type": "WEB",
      "url": "https://consumer.huawei.com/en/support/bulletin/2024/7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5HGV-M339-HWV4

Vulnerability from github – Published: 2024-12-11 03:31 – Updated: 2024-12-11 03:31
VLAI
Details

IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtained by a privileged user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35117"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-11T02:15:05Z",
    "severity": "MODERATE"
  },
  "details": "IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtained by a privileged user.",
  "id": "GHSA-5hgv-m339-hwv4",
  "modified": "2024-12-11T03:31:58Z",
  "published": "2024-12-11T03:31:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35117"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7165392"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5HHG-Q22C-6G39

Vulnerability from github – Published: 2022-05-24 16:50 – Updated: 2023-10-26 22:29
VLAI
Summary
Jenkins Port Allocator Plugin stores credentials in plain text
Details

Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.

As of publication of this advisory, there is no fix.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:port-allocator"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-10350"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-10-26T22:29:25Z",
    "nvd_published_at": "2019-07-11T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins Port Allocator Plugin stores credentials unencrypted in job `config.xml` files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.\n\nAs of publication of this advisory, there is no fix.",
  "id": "GHSA-5hhg-q22c-6g39",
  "modified": "2023-10-26T22:29:25Z",
  "published": "2022-05-24T16:50:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10350"
    },
    {
      "type": "WEB",
      "url": "https://jenkins.io/security/advisory/2019-07-11/#SECURITY-1441"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/07/11/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins Port Allocator Plugin stores credentials in plain text"
}

GHSA-5J38-56HC-67J7

Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2022-05-24 17:45
VLAI
Details

IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain in plain text after a manuel edit, which can be read by a local user. IBM X-Force ID: 191944.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-4944"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-30T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain in plain text after a manuel edit, which can be read by a local user. IBM X-Force ID: 191944.",
  "id": "GHSA-5j38-56hc-67j7",
  "modified": "2022-05-24T17:45:42Z",
  "published": "2022-05-24T17:45:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-4944"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/191944"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6437567"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-5J75-MF86-7H39

Vulnerability from github – Published: 2022-05-13 01:26 – Updated: 2022-05-13 01:26
VLAI
Details

The Milwaukee ONE-KEY Android mobile application stores the master token in plaintext in the apk binary.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-3214"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-20T00:29:00Z",
    "severity": "HIGH"
  },
  "details": "The Milwaukee ONE-KEY Android mobile application stores the master token in plaintext in the apk binary.",
  "id": "GHSA-5j75-mf86-7h39",
  "modified": "2022-05-13T01:26:23Z",
  "published": "2022-05-13T01:26:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3214"
    },
    {
      "type": "WEB",
      "url": "https://duo.com/blog/bug-hunting-drilling-into-the-internet-of-things-iot"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5JW2-VQXM-5FMX

Vulnerability from github – Published: 2026-05-13 18:30 – Updated: 2026-05-13 18:30
VLAI
Details

When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell (tmsh) command that may allow a highly privileged authenticated attacker to view sensitive information.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-42408"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-13T16:16:47Z",
    "severity": "MODERATE"
  },
  "details": "When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell (tmsh) command that may allow a highly privileged authenticated attacker to view sensitive information.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
  "id": "GHSA-5jw2-vqxm-5fmx",
  "modified": "2026-05-13T18:30:56Z",
  "published": "2026-05-13T18:30:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42408"
    },
    {
      "type": "WEB",
      "url": "https://my.f5.com/manage/s/article/K000157981"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.