Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-6FPG-44RR-WCFJ

Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36
VLAI
Details

An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9663"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-09T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory.",
  "id": "GHSA-6fpg-44rr-wcfj",
  "modified": "2022-05-13T01:36:04Z",
  "published": "2022-05-13T01:36:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9663"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-234-04"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102481"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6G79-3R2C-5VXG

Vulnerability from github – Published: 2022-05-24 19:01 – Updated: 2022-05-24 19:01
VLAI
Details

An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror credentials are exposed that allows other maintainers to be able to view the credentials in plain-text,

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22206"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-05-06T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror credentials are exposed that allows other maintainers to be able to view the credentials in plain-text,",
  "id": "GHSA-6g79-3r2c-5vxg",
  "modified": "2022-05-24T19:01:30Z",
  "published": "2022-05-24T19:01:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22206"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/928074"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22206.json"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/230864"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6H86-PP56-MP6M

Vulnerability from github – Published: 2022-05-24 17:31 – Updated: 2022-05-24 17:31
VLAI
Details

The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-27613"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-21T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access.",
  "id": "GHSA-6h86-pp56-mp6m",
  "modified": "2022-05-24T17:31:45Z",
  "published": "2022-05-24T17:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27613"
    },
    {
      "type": "WEB",
      "url": "https://www.golem.de/news/big-blue-button-das-grosse-blaue-sicherheitsrisiko-2010-151610.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6H9X-9J5V-7W9H

Vulnerability from github – Published: 2025-08-29 20:31 – Updated: 2025-08-29 20:31
VLAI
Summary
Rancher Fleet Helm Values are stored inside BundleDeployment in plain text
Details

Impact

A vulnerability has been identified when using Fleet to manage Helm charts where sensitive information is passed through BundleDeployment.Spec.Options.Helm.Values may be stored in plain text. This can result in: 1. Unauthorized disclosure of sensitive data: Any user with GET or LIST permissions on BundleDeployment resources could retrieve Helm values containing credentials or other secrets. 2. Lack of encryption at rest: BundleDeployment is not configured for Kubernetes encryption at rest by default, causing sensitive values to remain unencrypted within the cluster datastore.

This behavior differs from Helm v3’s default approach, where chart state — including values — is stored in Kubernetes secrets, benefiting from built-in protection mechanisms. In affected scenarios, credentials and other sensitive information are exposed both at rest and in responses to API calls.

Please consult the associated MITRE ATT&CK - Technique - Credentials from Password Stores for further information about this category of attack.

For the exposure of credentials not related to Rancher, the final impact severity for confidentiality, integrity, and availability is dependent on the permissions that the leaked credentials have on their own services. It is recommended to review the potentially exposed sensitive data in this scenario and change secrets, tokens, and passwords as necessary.

Patches

This vulnerability is addressed by adding the capability for each Bundle and BundleDeployment to have a secret to store options in. 1. The git job that runs fleet apply will now create secrets for Helm values. 2. Fleet controller generates bundledeployments and now creates a Helm values secret per bundle deployment in the cluster namespace. 3. Fleet agent uses the bundledeployment for options, the content resource and the secret to deploy the bundle.

Patched versions of Fleet include releases v0.14.0, v0.13.1, v0.12.6 and v0.11.10.

Workarounds

If you can't upgrade to a fixed version, please make sure to specify paths to valuesFiles as simple file names, e.g.:

Instead of:

helm:
  valuesFiles:
    - config-chart/values.yaml # will not be excluded → risky

Use:

helm:
  valuesFiles:
    - values.yaml # will be excluded

References

If you have any questions or comments about this advisory: - Reach out to the SUSE Rancher Security team for security related inquiries. - Open an issue in the Rancher repository. - Verify with our support matrix and product support lifecycle.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/rancher/fleet"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.13.0"
            },
            {
              "fixed": "0.13.1-0.20250806151509-088bcbea7edb"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/rancher/fleet"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.12.0"
            },
            {
              "fixed": "0.12.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/rancher/fleet"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.11.0"
            },
            {
              "fixed": "0.11.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-52284"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-08-29T20:31:17Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Impact\nA vulnerability has been identified when using Fleet to manage Helm charts where sensitive information is passed through `BundleDeployment.Spec.Options.Helm.Values` may be stored in plain text. This can result in: \n1. Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets.\n2. Lack of encryption at rest: `BundleDeployment` is not configured for Kubernetes encryption at rest by default, causing sensitive values to remain unencrypted within the cluster datastore.\n\nThis behavior differs from Helm v3\u2019s default approach, where chart state \u2014 including values \u2014 is stored in Kubernetes secrets, benefiting from built-in protection mechanisms. In affected scenarios, credentials and other sensitive information are exposed both at rest and in responses to API calls.\n\nPlease consult the associated  [MITRE ATT\u0026CK - Technique - Credentials from Password Stores](https://attack.mitre.org/techniques/T1555/) for further information about this category of attack.\n\nFor the exposure of credentials not related to Rancher, the final impact severity for confidentiality, integrity, and availability is dependent on the permissions that the leaked credentials have on their own services.\nIt is recommended to review the potentially exposed sensitive data in this scenario and change secrets, tokens, and passwords as necessary.\n\n### Patches\nThis vulnerability is addressed by adding the capability for each `Bundle` and `BundleDeployment` to have a secret to store options in.\n1. The git job that runs `fleet apply` will now create secrets for Helm values.\n2. Fleet controller generates `bundledeployments` and now creates a Helm values secret per bundle deployment in the cluster namespace.\n3. Fleet agent uses the `bundledeployment` for options, the content resource and the secret to deploy the bundle.\n\n\nPatched versions of Fleet include releases `v0.14.0`, `v0.13.1`, `v0.12.6` and `v0.11.10`.\n\n### Workarounds\nIf you can\u0027t upgrade to a fixed version, please make sure to specify paths to valuesFiles as simple file names, e.g.:\n\nInstead of:\n```fleet.yaml\nhelm:\n  valuesFiles:\n    - config-chart/values.yaml # will not be excluded \u2192 risky\n```\nUse:\n```fleet.yaml\nhelm:\n  valuesFiles:\n    - values.yaml # will be excluded\n```\n\n### References\nIf you have any questions or comments about this advisory:\n- Reach out to the [SUSE Rancher Security team](https://github.com/rancher/rancher/security/policy) for security related inquiries.\n- Open an issue in the [Rancher](https://github.com/rancher/rancher/issues/new/choose) repository.\n- Verify with our [support matrix](https://www.suse.com/suse-rancher/support-matrix/all-supported-versions/) and [product support lifecycle](https://www.suse.com/lifecycle/).",
  "id": "GHSA-6h9x-9j5v-7w9h",
  "modified": "2025-08-29T20:31:17Z",
  "published": "2025-08-29T20:31:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rancher/fleet/security/advisories/GHSA-6h9x-9j5v-7w9h"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rancher/fleet/commit/088bcbea7edb844d7e6fc3649d9954f763cf68a9"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rancher/fleet"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Rancher Fleet Helm Values are stored inside BundleDeployment in plain text"
}

GHSA-6HVV-J432-23CV

Vulnerability from github – Published: 2023-07-14 21:52 – Updated: 2023-07-14 21:52
VLAI
Summary
Weave GitOps Terraform Controller Information Disclosure Vulnerability
Details

Impact

A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This vulnerability stems from Weave GitOps Terraform Runners (tf-runner), where sensitive data is inadvertently printed - potentially revealing sensitive user data in their pod logs. In particular, functions tfexec.ShowPlan, tfexec.ShowPlanRaw, and tfexec.Output are implicated when the tfexec object set its Stdout and Stderr to be os.Stdout and os.Stderr.

An unauthorized remote attacker could exploit this vulnerability by accessing these prints of sensitive information, which may contain configurations or tokens that could be used to gain unauthorized control or access to resources managed by the Terraform controller.

A successful exploit could allow the attacker to utilize this sensitive data, potentially leading to unauthorized access or control of the system.

Patches

This vulnerability has been addressed in Weave GitOps Terraform Controller versions v0.14.4 and v0.15.0-rc.5. Users are urged to upgrade to one of these versions to mitigate the vulnerability.

The patches for this vulnerability are found in: - this commit: 9708fda28ccd0466cb0a8fd409854ab4d92f7dca - this commit: 6323b355bd7f5d2ce85d0244fe0883af3881df4e - this commit: 28282bc644054e157c3b9a3d38f1f9551ce09074 - and this commit: 98a0688036e9dbcf43fa84960d9a1ef3e09a69cf

Workarounds

As a temporary measure until the patch can be applied, users can add the environment variable DISABLE_TF_LOGS to the tf-runners via the runner pod template of the Terraform Custom Resource. This will prevent the logging of sensitive information and mitigate the risk of this vulnerability.

References

  • The first issue: https://github.com/weaveworks/tf-controller/issues/637
  • The second issue: https://github.com/weaveworks/tf-controller/issues/649

For More Information

If you have any further questions or comments about this advisory:

Open an issue in the Weave GitOps Terraform Controller repository Email us at security@weave.works

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/weaveworks/tf-controller"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.14.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/weaveworks/tf-controller"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.15.0-rc.1"
            },
            {
              "fixed": "0.15.0-rc.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-34236"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-312",
      "CWE-522",
      "CWE-532"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-14T21:52:09Z",
    "nvd_published_at": "2023-07-14T22:15:09Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nA vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This vulnerability stems from Weave GitOps Terraform Runners (`tf-runner`), where sensitive data is inadvertently printed - potentially revealing sensitive user data in their pod logs. In particular, functions `tfexec.ShowPlan`, `tfexec.ShowPlanRaw`, and `tfexec.Output` are implicated when the `tfexec` object set its `Stdout` and `Stderr` to be `os.Stdout` and `os.Stderr`.\n\nAn unauthorized remote attacker could exploit this vulnerability by accessing these prints of sensitive information, which may contain configurations or tokens that could be used to gain unauthorized control or access to resources managed by the Terraform controller.\n\nA successful exploit could allow the attacker to utilize this sensitive data, potentially leading to unauthorized access or control of the system.\n\n### Patches\n\nThis vulnerability has been addressed in Weave GitOps Terraform Controller versions `v0.14.4` and `v0.15.0-rc.5`. Users are urged to upgrade to one of these versions to mitigate the vulnerability.\n\nThe patches for this vulnerability are found in:\n- this commit: 9708fda28ccd0466cb0a8fd409854ab4d92f7dca\n- this commit: 6323b355bd7f5d2ce85d0244fe0883af3881df4e\n- this commit: 28282bc644054e157c3b9a3d38f1f9551ce09074\n- and this commit: 98a0688036e9dbcf43fa84960d9a1ef3e09a69cf\n\n### Workarounds\n\nAs a temporary measure until the patch can be applied, users can add the environment variable `DISABLE_TF_LOGS` to the tf-runners via the runner pod template of the Terraform Custom Resource. This will prevent the logging of sensitive information and mitigate the risk of this vulnerability.\n\n### References\n\n- The first issue: https://github.com/weaveworks/tf-controller/issues/637\n- The second issue: https://github.com/weaveworks/tf-controller/issues/649\n\n### For More Information\n\nIf you have any further questions or comments about this advisory:\n\nOpen an issue in the Weave GitOps Terraform Controller repository\nEmail us at [security@weave.works](mailto:security@weave.works)\n",
  "id": "GHSA-6hvv-j432-23cv",
  "modified": "2023-07-14T21:52:09Z",
  "published": "2023-07-14T21:52:09Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/weaveworks/tf-controller/security/advisories/GHSA-6hvv-j432-23cv"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34236"
    },
    {
      "type": "WEB",
      "url": "https://github.com/weaveworks/tf-controller/issues/637"
    },
    {
      "type": "WEB",
      "url": "https://github.com/weaveworks/tf-controller/issues/649"
    },
    {
      "type": "WEB",
      "url": "https://github.com/weaveworks/tf-controller/commit/28282bc644054e157c3b9a3d38f1f9551ce09074"
    },
    {
      "type": "WEB",
      "url": "https://github.com/weaveworks/tf-controller/commit/6323b355bd7f5d2ce85d0244fe0883af3881df4e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/weaveworks/tf-controller/commit/9708fda28ccd0466cb0a8fd409854ab4d92f7dca"
    },
    {
      "type": "WEB",
      "url": "https://github.com/weaveworks/tf-controller/commit/98a0688036e9dbcf43fa84960d9a1ef3e09a69cf"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/weaveworks/tf-controller"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Weave GitOps Terraform Controller Information Disclosure Vulnerability"
}

GHSA-6HW7-X86V-WRGF

Vulnerability from github – Published: 2023-01-26 21:30 – Updated: 2023-02-02 17:31
VLAI
Summary
Passwords stored in plain text by Jenkins view-cloner Plugin
Details

Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:view-cloner"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-24450"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256",
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-01-27T01:28:47Z",
    "nvd_published_at": "2023-01-26T21:18:00Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.",
  "id": "GHSA-6hw7-x86v-wrgf",
  "modified": "2023-02-02T17:31:58Z",
  "published": "2023-01-26T21:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24450"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/view-cloner-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2787"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Passwords stored in plain text by Jenkins view-cloner Plugin "
}

GHSA-6J73-7MGQ-98HJ

Vulnerability from github – Published: 2021-12-15 00:00 – Updated: 2021-12-17 00:00
VLAI
Details

Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. The issue is addressed by ensuring that the allowBackup flag (in the manifest) is False.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-43388"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-14T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. The issue is addressed by ensuring that the allowBackup flag (in the manifest) is False.",
  "id": "GHSA-6j73-7mgq-98hj",
  "modified": "2021-12-17T00:00:40Z",
  "published": "2021-12-15T00:00:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43388"
    },
    {
      "type": "WEB",
      "url": "https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=65"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6P4J-99M7-JM2X

Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50
VLAI
Details

Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-18394"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-19T14:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.",
  "id": "GHSA-6p4j-99m7-jm2x",
  "modified": "2022-05-13T01:50:41Z",
  "published": "2022-05-13T01:50:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18394"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/10/18/klcert-18-022-moxa-thingspro-iiot-gateway-and-device-management-software-solutions-sensitive-information-stored-in-clear-text"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6P4R-RCV8-5X44

Vulnerability from github – Published: 2024-09-30 21:31 – Updated: 2024-10-01 00:33
VLAI
Details

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information in the memory of the @CT desktop management application allows guest OS administrators to obtain various users' passwords by accessing memory dumps of the desktop application.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-28807"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-30T21:15:03Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information in the memory of the @CT desktop management application allows guest OS administrators to obtain various users\u0027 passwords by accessing memory dumps of the desktop application.",
  "id": "GHSA-6p4r-rcv8-5x44",
  "modified": "2024-10-01T00:33:41Z",
  "published": "2024-09-30T21:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28807"
    },
    {
      "type": "WEB",
      "url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28807"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6P72-FPQV-2CFF

Vulnerability from github – Published: 2023-03-22 06:30 – Updated: 2023-03-28 15:30
VLAI
Details

A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-25596"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-22T06:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.",
  "id": "GHSA-6p72-fpqv-2cff",
  "modified": "2023-03-28T15:30:17Z",
  "published": "2023-03-22T06:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25596"
    },
    {
      "type": "WEB",
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.