Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-6PCJ-93VX-9466

Vulnerability from github – Published: 2025-08-26 21:31 – Updated: 2025-08-27 15:33
VLAI
Details

Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device's external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platform to execute administrative operations (device shutdown/factory reset/software installation); 2. Connect to the MQTT server to intercept/publish device data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-55443"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-26T20:15:40Z",
    "severity": "CRITICAL"
  },
  "details": "Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device\u0027s external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platform to execute administrative operations (device shutdown/factory reset/software installation); 2. Connect to the MQTT server to intercept/publish device data.",
  "id": "GHSA-6pcj-93vx-9466",
  "modified": "2025-08-27T15:33:14Z",
  "published": "2025-08-26T21:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55443"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/raiji1n/a2ce5dd46c312e3bd38b9b2446b95860"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6PCV-J4JX-M4VX

Vulnerability from github – Published: 2026-04-16 21:20 – Updated: 2026-06-24 13:06
VLAI
Summary
Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request
Details

Summary

I have discovered a critical Missing Authentication vulnerability on the /api/v1/loginmethod endpoint. The API allows unauthenticated users (guests) to retrieve the full SSO configuration of any organization by simply providing an organizationId. The response includes sensitive OAuth credentials (Client Secrets) in cleartext.

PoC

The following request can be sent by anyone on the internet without any cookies or authorization headers.

Request

GET /api/v1/loginmethod?organizationId=<any_organization_id> HTTP/2
Host: cloud.flowiseai.com
Accept: application/json
Content-Type: application/json

Response: The server returns 200 OK with sensitive credentials:

{
  "providers": [
    {
      "id": "a04ba769-b810-481d-8d6b-84f8c377dea5",
      "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
      "name": "azure",
      "config": {
        "tenantID": "",
        "clientID": "",
        "clientSecret": ""
      },
      "status": "disable",
      "createdDate": "2025-12-26T18:52:33.453Z",
      "updatedDate": "2025-12-26T19:31:56.087Z",
      "createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
      "updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
    },
    {
      "id": "eda8bd90-1c45-4aca-933f-3a53d9be4161",
      "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
      "name": "google",
      "config": {
        "clientID": "123455",
        "clientSecret": "123455"
      },
      "status": "enable",
      "createdDate": "2025-12-26T18:52:33.453Z",
      "updatedDate": "2025-12-26T19:31:56.087Z",
      "createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
      "updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
    },
    {
      "id": "0d238df0-c89c-4733-bf57-6ec06f58c7e7",
      "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
      "name": "auth0",
      "config": {
        "domain": "",
        "clientID": "",
        "clientSecret": ""
      },
      "status": "disable",
      "createdDate": "2025-12-26T18:52:33.453Z",
      "updatedDate": "2025-12-26T19:31:56.087Z",
      "createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
      "updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
    },
    {
      "id": "e060ae88-c7f4-4b7c-9bdc-5321963a1648",
      "organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
      "name": "github",
      "config": {
        "clientID": "",
        "clientSecret": ""
      },
      "status": "disable",
      "createdDate": "2025-12-26T18:52:33.453Z",
      "updatedDate": "2025-12-26T19:31:56.087Z",
      "createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
      "updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
    }
  ],
  "callbacks": [
    {
      "providerName": "azure",
      "callbackURL": "https://cloud.flowiseai.com/api/v1/azure/callback"
    },
    {
      "providerName": "google",
      "callbackURL": "https://cloud.flowiseai.com/api/v1/google/callback"
    },
    {
      "providerName": "auth0",
      "callbackURL": "https://cloud.flowiseai.com/api/v1/auth0/callback"
    },
    {
      "providerName": "github",
      "callbackURL": "https://cloud.flowiseai.com/api/v1/github/callback"
    }
  ]
}

Affected Deployments

  • FlowiseAI Cloud (cloud.flowiseai.com)
  • Self-hosted FlowiseAI instances where the /api/v1/loginmethod endpoint is exposed

Impact

An unauthenticated attacker can harvest sensitive API secrets (Google, Microsoft, GitHub Client Secrets) from any organization on the cloud platform. This leads to complete compromise of the organization's third-party integrations and potential data breaches.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.0.13"
      },
      "package": {
        "ecosystem": "npm",
        "name": "flowise"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-56270"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306",
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-16T21:20:05Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Summary\nI have discovered a critical Missing Authentication vulnerability on the /api/v1/loginmethod endpoint. The API allows unauthenticated users (guests) to retrieve the full SSO configuration of any organization by simply providing an organizationId. The response includes sensitive OAuth credentials (Client Secrets) in cleartext.\n\n\n### PoC\nThe following request can be sent by anyone on the internet without any cookies or authorization headers.\n\nRequest\n```http\nGET /api/v1/loginmethod?organizationId=\u003cany_organization_id\u003e HTTP/2\nHost: cloud.flowiseai.com\nAccept: application/json\nContent-Type: application/json\n```\n\nResponse: The server returns 200 OK with sensitive credentials:\n```json\n{\n  \"providers\": [\n    {\n      \"id\": \"a04ba769-b810-481d-8d6b-84f8c377dea5\",\n      \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n      \"name\": \"azure\",\n      \"config\": {\n        \"tenantID\": \"\",\n        \"clientID\": \"\",\n        \"clientSecret\": \"\"\n      },\n      \"status\": \"disable\",\n      \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n      \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n      \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n      \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n    },\n    {\n      \"id\": \"eda8bd90-1c45-4aca-933f-3a53d9be4161\",\n      \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n      \"name\": \"google\",\n      \"config\": {\n        \"clientID\": \"123455\",\n        \"clientSecret\": \"123455\"\n      },\n      \"status\": \"enable\",\n      \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n      \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n      \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n      \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n    },\n    {\n      \"id\": \"0d238df0-c89c-4733-bf57-6ec06f58c7e7\",\n      \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n      \"name\": \"auth0\",\n      \"config\": {\n        \"domain\": \"\",\n        \"clientID\": \"\",\n        \"clientSecret\": \"\"\n      },\n      \"status\": \"disable\",\n      \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n      \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n      \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n      \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n    },\n    {\n      \"id\": \"e060ae88-c7f4-4b7c-9bdc-5321963a1648\",\n      \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n      \"name\": \"github\",\n      \"config\": {\n        \"clientID\": \"\",\n        \"clientSecret\": \"\"\n      },\n      \"status\": \"disable\",\n      \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n      \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n      \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n      \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n    }\n  ],\n  \"callbacks\": [\n    {\n      \"providerName\": \"azure\",\n      \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/azure/callback\"\n    },\n    {\n      \"providerName\": \"google\",\n      \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/google/callback\"\n    },\n    {\n      \"providerName\": \"auth0\",\n      \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/auth0/callback\"\n    },\n    {\n      \"providerName\": \"github\",\n      \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/github/callback\"\n    }\n  ]\n}\n```\n### Affected Deployments\n- FlowiseAI Cloud (cloud.flowiseai.com)\n- Self-hosted FlowiseAI instances where the /api/v1/loginmethod endpoint is exposed\n\n### Impact\nAn unauthenticated attacker can harvest sensitive API secrets (Google, Microsoft, GitHub Client Secrets) from any organization on the cloud platform. This leads to complete compromise of the organization\u0027s third-party integrations and potential data breaches.",
  "id": "GHSA-6pcv-j4jx-m4vx",
  "modified": "2026-06-24T13:06:31Z",
  "published": "2026-04-16T21:20:05Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6pcv-j4jx-m4vx"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/FlowiseAI/Flowise"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request"
}

GHSA-6PVG-63W9-JHX6

Vulnerability from github – Published: 2023-10-27 03:30 – Updated: 2023-11-03 21:30
VLAI
Details

Zentao Biz version 8.7 and before is vulnerable to Information Disclosure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-46376"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-27T01:15:32Z",
    "severity": "HIGH"
  },
  "details": "Zentao Biz version 8.7 and before is vulnerable to Information Disclosure.",
  "id": "GHSA-6pvg-63w9-jhx6",
  "modified": "2023-11-03T21:30:23Z",
  "published": "2023-10-27T03:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46376"
    },
    {
      "type": "WEB",
      "url": "https://narrow-payment-2cd.notion.site/zentao-8-7-has-information-disclosure-vulnerability-CVE-2023-46376-537fae3936b84af583b51b74e6010dd7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6PXH-4M7F-85QJ

Vulnerability from github – Published: 2025-10-23 06:30 – Updated: 2025-10-23 06:31
VLAI
Details

Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. This issue affects Command Centre Server: 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-48428"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-23T04:16:40Z",
    "severity": "MODERATE"
  },
  "details": "Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. \nThis issue affects Command Centre Server: 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.",
  "id": "GHSA-6pxh-4m7f-85qj",
  "modified": "2025-10-23T06:31:00Z",
  "published": "2025-10-23T06:30:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48428"
    },
    {
      "type": "WEB",
      "url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-48428"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6Q4X-RGWV-967M

Vulnerability from github – Published: 2022-05-24 19:13 – Updated: 2022-05-24 19:13
VLAI
Details

Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component "autumn-cms/user/getAllUser/?page=1&limit=10".

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-19137"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-08T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component \"autumn-cms/user/getAllUser/?page=1\u0026limit=10\".",
  "id": "GHSA-6q4x-rgwv-967m",
  "modified": "2022-05-24T19:13:18Z",
  "published": "2022-05-24T19:13:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-19137"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ShuaiJunlan/Autumn/issues/82"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-6QM6-GG4Q-CVM5

Vulnerability from github – Published: 2024-10-10 09:30 – Updated: 2024-10-10 09:30
VLAI
Details

The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9798"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-10T08:15:04Z",
    "severity": "CRITICAL"
  },
  "details": "The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers.",
  "id": "GHSA-6qm6-gg4q-cvm5",
  "modified": "2024-10-10T09:30:35Z",
  "published": "2024-10-10T09:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9798"
    },
    {
      "type": "WEB",
      "url": "https://github.com/zowe/api-layer"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6R5W-JJR5-QVGR

Vulnerability from github – Published: 2023-12-13 18:31 – Updated: 2024-11-15 22:26
VLAI
Summary
Password stored in a recoverable format by Jenkins OpenId Connect Authentication Plugin
Details

Jenkins OpenId Connect Authentication Plugin stores a password of a local user account used as an anti-lockout feature in a recoverable format, allowing attackers with access to the Jenkins controller file system to recover the plain text password of that account, likely gaining administrator access to Jenkins.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:oic-auth"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.229.vf736b"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-50770"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-522"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-12-13T19:34:24Z",
    "nvd_published_at": "2023-12-13T18:15:44Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins OpenId Connect Authentication Plugin stores a password of a local user account used as an anti-lockout feature in a recoverable format, allowing attackers with access to the Jenkins controller file system to recover the plain text password of that account, likely gaining administrator access to Jenkins.",
  "id": "GHSA-6r5w-jjr5-qvgr",
  "modified": "2024-11-15T22:26:42Z",
  "published": "2023-12-13T18:31:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50770"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/oic-auth-plugin/issues/259"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkins-infra/update-center2/pull/773"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/oic-auth-plugin/pull/287"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/oic-auth-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3168"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/12/13/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Password stored in a recoverable format by Jenkins OpenId Connect Authentication Plugin "
}

GHSA-6RG8-WQVX-GHG5

Vulnerability from github – Published: 2025-03-10 15:30 – Updated: 2026-06-01 15:30
VLAI
Details

Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap&Sign App: before V.1.025.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-12604"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-526"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-10T15:15:36Z",
    "severity": "HIGH"
  },
  "details": "Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap\u0026Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap\u0026Sign App: before V.1.025.",
  "id": "GHSA-6rg8-wqvx-ghg5",
  "modified": "2026-06-01T15:30:32Z",
  "published": "2025-03-10T15:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12604"
    },
    {
      "type": "WEB",
      "url": "https://docs.tapandsign.com/tap-and-sign/tap-and-sign-v.1.025-surum-notlari"
    },
    {
      "type": "WEB",
      "url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0063"
    },
    {
      "type": "WEB",
      "url": "https://www.usom.gov.tr/bildirim/tr-25-0063"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6V48-P2G5-G5G2

Vulnerability from github – Published: 2024-09-12 15:33 – Updated: 2024-10-31 21:31
VLAI
Details

No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-40457"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-313"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-12T14:16:06Z",
    "severity": "CRITICAL"
  },
  "details": "No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor\u0027s position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior.",
  "id": "GHSA-6v48-p2g5-g5g2",
  "modified": "2024-10-31T21:31:44Z",
  "published": "2024-09-12T15:33:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40457"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jeppojeps/CVE-2024-40457-PoC"
    },
    {
      "type": "WEB",
      "url": "https://www.noip.com/support/knowledgebase/install-linux-3-x-dynamic-update-client-duc"
    },
    {
      "type": "WEB",
      "url": "https://www.noip.com/support/knowledgebase/running-linux-duc-v3-0-startup-2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6VFQ-JMXG-G58R

Vulnerability from github – Published: 2022-09-16 21:02 – Updated: 2022-09-16 21:02
VLAI
Summary
Shopware contains sensitive data in backend customer module
Details

Impact

The request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID.

Patches

We recommend updating to the current version 5.7.15. You can get the update to 5.7.15 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/changelog-sw5/#5-7-15

For older versions you can use the Security Plugin: https://store.shopware.com/en/swag575294366635f/shopware-security-plugin.html

References

https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.7.14"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "shopware/shopware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.7.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-36101"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-16T21:02:55Z",
    "nvd_published_at": "2022-09-12T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThe request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID.\n\n### Patches\nWe recommend updating to the current version 5.7.15. You can get the update to 5.7.15 regularly via the Auto-Updater or directly via the download overview.\nhttps://www.shopware.com/en/changelog-sw5/#5-7-15\n\nFor older versions you can use the Security Plugin:\nhttps://store.shopware.com/en/swag575294366635f/shopware-security-plugin.html\n\n\n### References\nhttps://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022",
  "id": "GHSA-6vfq-jmxg-g58r",
  "modified": "2022-09-16T21:02:55Z",
  "published": "2022-09-16T21:02:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36101"
    },
    {
      "type": "WEB",
      "url": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a"
    },
    {
      "type": "WEB",
      "url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/shopware/shopware"
    },
    {
      "type": "WEB",
      "url": "https://packagist.org/packages/shopware/shopware"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Shopware contains sensitive data in backend customer module"
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.