CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-5RRC-4HC3-8893
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to information leak.
{
"affected": [],
"aliases": [
"CVE-2017-2723"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-11-22T19:29:00Z",
"severity": "MODERATE"
},
"details": "The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users\u0027 Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users\u0027 plaintext Safe passwords, leading to information leak.",
"id": "GHSA-5rrc-4hc3-8893",
"modified": "2022-05-13T01:44:55Z",
"published": "2022-05-13T01:44:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2723"
},
{
"type": "WEB",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-files-en"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5V4F-V8FW-FJ7J
Vulnerability from github – Published: 2026-02-10 18:30 – Updated: 2026-02-10 18:30Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
{
"affected": [],
"aliases": [
"CVE-2026-23655"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-10T18:16:36Z",
"severity": "MODERATE"
},
"details": "Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network.",
"id": "GHSA-5v4f-v8fw-fj7j",
"modified": "2026-02-10T18:30:43Z",
"published": "2026-02-10T18:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23655"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23655"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5V8F-CHV2-MX64
Vulnerability from github – Published: 2024-09-27 12:31 – Updated: 2026-06-02 09:36Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking (aka JavaScript Hijacking).This issue affects ValeApp: before v2.0.0.
{
"affected": [],
"aliases": [
"CVE-2024-8644"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-315"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-27T12:15:04Z",
"severity": "CRITICAL"
},
"details": "Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking (aka JavaScript Hijacking).This issue affects ValeApp: before v2.0.0.",
"id": "GHSA-5v8f-chv2-mx64",
"modified": "2026-06-02T09:36:13Z",
"published": "2024-09-27T12:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8644"
},
{
"type": "WEB",
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1562"
},
{
"type": "WEB",
"url": "https://www.usom.gov.tr/bildirim/tr-24-1562"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-5VQP-64MP-PG5R
Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows an authenticated user to disclosure agent password due to plaintext credential storage in log files
{
"affected": [],
"aliases": [
"CVE-2021-41023"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-02T19:15:00Z",
"severity": "MODERATE"
},
"details": "A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows an authenticated user to disclosure agent password due to plaintext credential storage in log files",
"id": "GHSA-5vqp-64mp-pg5r",
"modified": "2022-05-24T19:19:24Z",
"published": "2022-05-24T19:19:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41023"
},
{
"type": "WEB",
"url": "https://fortiguard.com/advisory/FG-IR-21-175"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5WQ8-R82H-2QQC
Vulnerability from github – Published: 2022-05-24 17:41 – Updated: 2022-05-24 17:41There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file contains sensitive information. This allows attackers to obtain information by inter-process access that requires other methods.
{
"affected": [],
"aliases": [
"CVE-2021-22300"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-02-06T01:15:00Z",
"severity": "MODERATE"
},
"details": "There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file contains sensitive information. This allows attackers to obtain information by inter-process access that requires other methods.",
"id": "GHSA-5wq8-r82h-2qqc",
"modified": "2022-05-24T17:41:14Z",
"published": "2022-05-24T17:41:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22300"
},
{
"type": "WEB",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-01-cgp-en"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-5XHG-WQM3-8WW2
Vulnerability from github – Published: 2023-09-01 12:30 – Updated: 2024-04-04 07:21An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it.
{
"affected": [],
"aliases": [
"CVE-2023-3950"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-01T11:15:42Z",
"severity": "LOW"
},
"details": "An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it.",
"id": "GHSA-5xhg-wqm3-8ww2",
"modified": "2024-04-04T07:21:22Z",
"published": "2023-09-01T12:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3950"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/2079154"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/419675"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-62PM-2JJW-MQPX
Vulnerability from github – Published: 2026-04-30 15:30 – Updated: 2026-06-30 03:36A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub.
The credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace.
The affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected. This issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode.
Successful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters.
{
"affected": [],
"aliases": [
"CVE-2026-7163"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-30T14:16:36Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub. \n\nThe credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace.\n\nThe affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected.\nThis issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode.\n\nSuccessful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters.",
"id": "GHSA-62pm-2jjw-mqpx",
"modified": "2026-06-30T03:36:28Z",
"published": "2026-04-30T15:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7163"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:11511"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:11512"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:12116"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:12337"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:18584"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2026:18585"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-7163"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463152"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-7163.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-637G-65XR-XR73
Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2022-05-24 17:35Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions, allowing any user to read the sensitive information within.
{
"affected": [],
"aliases": [
"CVE-2020-25677"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-08T01:15:00Z",
"severity": "MODERATE"
},
"details": "Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions, allowing any user to read the sensitive information within.",
"id": "GHSA-637g-65xr-xr73",
"modified": "2022-05-24T17:35:33Z",
"published": "2022-05-24T17:35:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25677"
},
{
"type": "WEB",
"url": "https://github.com/ceph/ceph-ansible/pull/5964"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892108"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-63QJ-P8GH-5XXX
Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2023-07-06 23:31rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "rap2hpoutre/laravel-log-viewer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.13.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-8947"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-06T23:31:29Z",
"nvd_published_at": "2018-03-25T16:29:00Z",
"severity": "HIGH"
},
"details": "rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.",
"id": "GHSA-63qj-p8gh-5xxx",
"modified": "2023-07-06T23:31:29Z",
"published": "2022-05-13T01:53:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8947"
},
{
"type": "WEB",
"url": "https://github.com/rap2hpoutre/laravel-log-viewer/commit/cda89c06dc5331d06fab863d7cb1c4047ad68357"
},
{
"type": "WEB",
"url": "https://github.com/rap2hpoutre/laravel-log-viewer/releases/tag/v0.13.0"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/44343"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Plaintext Storage of Sensitive Information in Laravel Log Viewer before v0.13.0"
}
GHSA-6432-6X76-6778
Vulnerability from github – Published: 2022-05-01 23:28 – Updated: 2024-02-14 18:30GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges.
{
"affected": [],
"aliases": [
"CVE-2008-0174"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-01-29T02:00:00Z",
"severity": "MODERATE"
},
"details": "GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges.",
"id": "GHSA-6432-6x76-6778",
"modified": "2024-02-14T18:30:23Z",
"published": "2022-05-01T23:28:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0174"
},
{
"type": "WEB",
"url": "http://securityreason.com/securityalert/3590"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1019273"
},
{
"type": "WEB",
"url": "http://support.gefanuc.com/support/index?page=kbchannel\u0026id=KB12459"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/180876"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/487075/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/487244/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/30754"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.