CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-6PCJ-93VX-9466
Vulnerability from github – Published: 2025-08-26 21:31 – Updated: 2025-08-27 15:33Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device's external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platform to execute administrative operations (device shutdown/factory reset/software installation); 2. Connect to the MQTT server to intercept/publish device data.
{
"affected": [],
"aliases": [
"CVE-2025-55443"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-26T20:15:40Z",
"severity": "CRITICAL"
},
"details": "Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device\u0027s external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platform to execute administrative operations (device shutdown/factory reset/software installation); 2. Connect to the MQTT server to intercept/publish device data.",
"id": "GHSA-6pcj-93vx-9466",
"modified": "2025-08-27T15:33:14Z",
"published": "2025-08-26T21:31:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55443"
},
{
"type": "WEB",
"url": "https://gist.github.com/raiji1n/a2ce5dd46c312e3bd38b9b2446b95860"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6PCV-J4JX-M4VX
Vulnerability from github – Published: 2026-04-16 21:20 – Updated: 2026-06-24 13:06Summary
I have discovered a critical Missing Authentication vulnerability on the /api/v1/loginmethod endpoint. The API allows unauthenticated users (guests) to retrieve the full SSO configuration of any organization by simply providing an organizationId. The response includes sensitive OAuth credentials (Client Secrets) in cleartext.
PoC
The following request can be sent by anyone on the internet without any cookies or authorization headers.
Request
GET /api/v1/loginmethod?organizationId=<any_organization_id> HTTP/2
Host: cloud.flowiseai.com
Accept: application/json
Content-Type: application/json
Response: The server returns 200 OK with sensitive credentials:
{
"providers": [
{
"id": "a04ba769-b810-481d-8d6b-84f8c377dea5",
"organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
"name": "azure",
"config": {
"tenantID": "",
"clientID": "",
"clientSecret": ""
},
"status": "disable",
"createdDate": "2025-12-26T18:52:33.453Z",
"updatedDate": "2025-12-26T19:31:56.087Z",
"createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
"updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
},
{
"id": "eda8bd90-1c45-4aca-933f-3a53d9be4161",
"organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
"name": "google",
"config": {
"clientID": "123455",
"clientSecret": "123455"
},
"status": "enable",
"createdDate": "2025-12-26T18:52:33.453Z",
"updatedDate": "2025-12-26T19:31:56.087Z",
"createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
"updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
},
{
"id": "0d238df0-c89c-4733-bf57-6ec06f58c7e7",
"organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
"name": "auth0",
"config": {
"domain": "",
"clientID": "",
"clientSecret": ""
},
"status": "disable",
"createdDate": "2025-12-26T18:52:33.453Z",
"updatedDate": "2025-12-26T19:31:56.087Z",
"createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
"updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
},
{
"id": "e060ae88-c7f4-4b7c-9bdc-5321963a1648",
"organizationId": "bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d",
"name": "github",
"config": {
"clientID": "",
"clientSecret": ""
},
"status": "disable",
"createdDate": "2025-12-26T18:52:33.453Z",
"updatedDate": "2025-12-26T19:31:56.087Z",
"createdBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2",
"updatedBy": "6ab311fa-0d0a-4bd6-996e-4ae721377fb2"
}
],
"callbacks": [
{
"providerName": "azure",
"callbackURL": "https://cloud.flowiseai.com/api/v1/azure/callback"
},
{
"providerName": "google",
"callbackURL": "https://cloud.flowiseai.com/api/v1/google/callback"
},
{
"providerName": "auth0",
"callbackURL": "https://cloud.flowiseai.com/api/v1/auth0/callback"
},
{
"providerName": "github",
"callbackURL": "https://cloud.flowiseai.com/api/v1/github/callback"
}
]
}
Affected Deployments
- FlowiseAI Cloud (cloud.flowiseai.com)
- Self-hosted FlowiseAI instances where the /api/v1/loginmethod endpoint is exposed
Impact
An unauthenticated attacker can harvest sensitive API secrets (Google, Microsoft, GitHub Client Secrets) from any organization on the cloud platform. This leads to complete compromise of the organization's third-party integrations and potential data breaches.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.0.13"
},
"package": {
"ecosystem": "npm",
"name": "flowise"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-56270"
],
"database_specific": {
"cwe_ids": [
"CWE-306",
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-16T21:20:05Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Summary\nI have discovered a critical Missing Authentication vulnerability on the /api/v1/loginmethod endpoint. The API allows unauthenticated users (guests) to retrieve the full SSO configuration of any organization by simply providing an organizationId. The response includes sensitive OAuth credentials (Client Secrets) in cleartext.\n\n\n### PoC\nThe following request can be sent by anyone on the internet without any cookies or authorization headers.\n\nRequest\n```http\nGET /api/v1/loginmethod?organizationId=\u003cany_organization_id\u003e HTTP/2\nHost: cloud.flowiseai.com\nAccept: application/json\nContent-Type: application/json\n```\n\nResponse: The server returns 200 OK with sensitive credentials:\n```json\n{\n \"providers\": [\n {\n \"id\": \"a04ba769-b810-481d-8d6b-84f8c377dea5\",\n \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n \"name\": \"azure\",\n \"config\": {\n \"tenantID\": \"\",\n \"clientID\": \"\",\n \"clientSecret\": \"\"\n },\n \"status\": \"disable\",\n \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n },\n {\n \"id\": \"eda8bd90-1c45-4aca-933f-3a53d9be4161\",\n \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n \"name\": \"google\",\n \"config\": {\n \"clientID\": \"123455\",\n \"clientSecret\": \"123455\"\n },\n \"status\": \"enable\",\n \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n },\n {\n \"id\": \"0d238df0-c89c-4733-bf57-6ec06f58c7e7\",\n \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n \"name\": \"auth0\",\n \"config\": {\n \"domain\": \"\",\n \"clientID\": \"\",\n \"clientSecret\": \"\"\n },\n \"status\": \"disable\",\n \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n },\n {\n \"id\": \"e060ae88-c7f4-4b7c-9bdc-5321963a1648\",\n \"organizationId\": \"bd2b74e0-e0cd-4bb5-ba98-3cc2ae683d5d\",\n \"name\": \"github\",\n \"config\": {\n \"clientID\": \"\",\n \"clientSecret\": \"\"\n },\n \"status\": \"disable\",\n \"createdDate\": \"2025-12-26T18:52:33.453Z\",\n \"updatedDate\": \"2025-12-26T19:31:56.087Z\",\n \"createdBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\",\n \"updatedBy\": \"6ab311fa-0d0a-4bd6-996e-4ae721377fb2\"\n }\n ],\n \"callbacks\": [\n {\n \"providerName\": \"azure\",\n \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/azure/callback\"\n },\n {\n \"providerName\": \"google\",\n \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/google/callback\"\n },\n {\n \"providerName\": \"auth0\",\n \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/auth0/callback\"\n },\n {\n \"providerName\": \"github\",\n \"callbackURL\": \"https://cloud.flowiseai.com/api/v1/github/callback\"\n }\n ]\n}\n```\n### Affected Deployments\n- FlowiseAI Cloud (cloud.flowiseai.com)\n- Self-hosted FlowiseAI instances where the /api/v1/loginmethod endpoint is exposed\n\n### Impact\nAn unauthenticated attacker can harvest sensitive API secrets (Google, Microsoft, GitHub Client Secrets) from any organization on the cloud platform. This leads to complete compromise of the organization\u0027s third-party integrations and potential data breaches.",
"id": "GHSA-6pcv-j4jx-m4vx",
"modified": "2026-06-24T13:06:31Z",
"published": "2026-04-16T21:20:05Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-6pcv-j4jx-m4vx"
},
{
"type": "PACKAGE",
"url": "https://github.com/FlowiseAI/Flowise"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request"
}
GHSA-6PVG-63W9-JHX6
Vulnerability from github – Published: 2023-10-27 03:30 – Updated: 2023-11-03 21:30Zentao Biz version 8.7 and before is vulnerable to Information Disclosure.
{
"affected": [],
"aliases": [
"CVE-2023-46376"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-27T01:15:32Z",
"severity": "HIGH"
},
"details": "Zentao Biz version 8.7 and before is vulnerable to Information Disclosure.",
"id": "GHSA-6pvg-63w9-jhx6",
"modified": "2023-11-03T21:30:23Z",
"published": "2023-10-27T03:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46376"
},
{
"type": "WEB",
"url": "https://narrow-payment-2cd.notion.site/zentao-8-7-has-information-disclosure-vulnerability-CVE-2023-46376-537fae3936b84af583b51b74e6010dd7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6PXH-4M7F-85QJ
Vulnerability from github – Published: 2025-10-23 06:30 – Updated: 2025-10-23 06:31Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. This issue affects Command Centre Server: 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.
{
"affected": [],
"aliases": [
"CVE-2025-48428"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-23T04:16:40Z",
"severity": "MODERATE"
},
"details": "Cleartext Storage of Sensitive Information (CWE-312) in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. \nThis issue affects Command Centre Server: 9.20 prior to vEL9.20.2819 (MR4), 9.10 prior to vEL9.10.3672 (MR7), 9.00 prior to vEL9.00.3831 (MR8), all versions of 8.90 and prior.",
"id": "GHSA-6pxh-4m7f-85qj",
"modified": "2025-10-23T06:31:00Z",
"published": "2025-10-23T06:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48428"
},
{
"type": "WEB",
"url": "https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2025-48428"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6Q4X-RGWV-967M
Vulnerability from github – Published: 2022-05-24 19:13 – Updated: 2022-05-24 19:13Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component "autumn-cms/user/getAllUser/?page=1&limit=10".
{
"affected": [],
"aliases": [
"CVE-2020-19137"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-08T21:15:00Z",
"severity": "HIGH"
},
"details": "Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component \"autumn-cms/user/getAllUser/?page=1\u0026limit=10\".",
"id": "GHSA-6q4x-rgwv-967m",
"modified": "2022-05-24T19:13:18Z",
"published": "2022-05-24T19:13:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-19137"
},
{
"type": "WEB",
"url": "https://github.com/ShuaiJunlan/Autumn/issues/82"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-6QM6-GG4Q-CVM5
Vulnerability from github – Published: 2024-10-10 09:30 – Updated: 2024-10-10 09:30The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers.
{
"affected": [],
"aliases": [
"CVE-2024-9798"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-10T08:15:04Z",
"severity": "CRITICAL"
},
"details": "The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers.",
"id": "GHSA-6qm6-gg4q-cvm5",
"modified": "2024-10-10T09:30:35Z",
"published": "2024-10-10T09:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9798"
},
{
"type": "WEB",
"url": "https://github.com/zowe/api-layer"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6R5W-JJR5-QVGR
Vulnerability from github – Published: 2023-12-13 18:31 – Updated: 2024-11-15 22:26Jenkins OpenId Connect Authentication Plugin stores a password of a local user account used as an anti-lockout feature in a recoverable format, allowing attackers with access to the Jenkins controller file system to recover the plain text password of that account, likely gaining administrator access to Jenkins.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:oic-auth"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.229.vf736b"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-50770"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2023-12-13T19:34:24Z",
"nvd_published_at": "2023-12-13T18:15:44Z",
"severity": "MODERATE"
},
"details": "Jenkins OpenId Connect Authentication Plugin stores a password of a local user account used as an anti-lockout feature in a recoverable format, allowing attackers with access to the Jenkins controller file system to recover the plain text password of that account, likely gaining administrator access to Jenkins.",
"id": "GHSA-6r5w-jjr5-qvgr",
"modified": "2024-11-15T22:26:42Z",
"published": "2023-12-13T18:31:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50770"
},
{
"type": "WEB",
"url": "https://github.com/jenkinsci/oic-auth-plugin/issues/259"
},
{
"type": "WEB",
"url": "https://github.com/jenkins-infra/update-center2/pull/773"
},
{
"type": "WEB",
"url": "https://github.com/jenkinsci/oic-auth-plugin/pull/287"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/oic-auth-plugin"
},
{
"type": "WEB",
"url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3168"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/12/13/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Password stored in a recoverable format by Jenkins OpenId Connect Authentication Plugin "
}
GHSA-6RG8-WQVX-GHG5
Vulnerability from github – Published: 2025-03-10 15:30 – Updated: 2026-06-01 15:30Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap&Sign App: before V.1.025.
{
"affected": [],
"aliases": [
"CVE-2024-12604"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-526"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-10T15:15:36Z",
"severity": "HIGH"
},
"details": "Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap\u0026Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap\u0026Sign App: before V.1.025.",
"id": "GHSA-6rg8-wqvx-ghg5",
"modified": "2026-06-01T15:30:32Z",
"published": "2025-03-10T15:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12604"
},
{
"type": "WEB",
"url": "https://docs.tapandsign.com/tap-and-sign/tap-and-sign-v.1.025-surum-notlari"
},
{
"type": "WEB",
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0063"
},
{
"type": "WEB",
"url": "https://www.usom.gov.tr/bildirim/tr-25-0063"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-6V48-P2G5-G5G2
Vulnerability from github – Published: 2024-09-12 15:33 – Updated: 2024-10-31 21:31No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior.
{
"affected": [],
"aliases": [
"CVE-2024-40457"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-12T14:16:06Z",
"severity": "CRITICAL"
},
"details": "No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor\u0027s position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior.",
"id": "GHSA-6v48-p2g5-g5g2",
"modified": "2024-10-31T21:31:44Z",
"published": "2024-09-12T15:33:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40457"
},
{
"type": "WEB",
"url": "https://github.com/jeppojeps/CVE-2024-40457-PoC"
},
{
"type": "WEB",
"url": "https://www.noip.com/support/knowledgebase/install-linux-3-x-dynamic-update-client-duc"
},
{
"type": "WEB",
"url": "https://www.noip.com/support/knowledgebase/running-linux-duc-v3-0-startup-2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6VFQ-JMXG-G58R
Vulnerability from github – Published: 2022-09-16 21:02 – Updated: 2022-09-16 21:02Impact
The request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID.
Patches
We recommend updating to the current version 5.7.15. You can get the update to 5.7.15 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/changelog-sw5/#5-7-15
For older versions you can use the Security Plugin: https://store.shopware.com/en/swag575294366635f/shopware-security-plugin.html
References
https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 5.7.14"
},
"package": {
"ecosystem": "Packagist",
"name": "shopware/shopware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.7.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-36101"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2022-09-16T21:02:55Z",
"nvd_published_at": "2022-09-12T20:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nThe request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID.\n\n### Patches\nWe recommend updating to the current version 5.7.15. You can get the update to 5.7.15 regularly via the Auto-Updater or directly via the download overview.\nhttps://www.shopware.com/en/changelog-sw5/#5-7-15\n\nFor older versions you can use the Security Plugin:\nhttps://store.shopware.com/en/swag575294366635f/shopware-security-plugin.html\n\n\n### References\nhttps://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022",
"id": "GHSA-6vfq-jmxg-g58r",
"modified": "2022-09-16T21:02:55Z",
"published": "2022-09-16T21:02:55Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-6vfq-jmxg-g58r"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36101"
},
{
"type": "WEB",
"url": "https://github.com/shopware/shopware/commit/af5cdbc81d60f21b728e1433aeb8837f25938d2a"
},
{
"type": "WEB",
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-09-2022"
},
{
"type": "PACKAGE",
"url": "https://github.com/shopware/shopware"
},
{
"type": "WEB",
"url": "https://packagist.org/packages/shopware/shopware"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Shopware contains sensitive data in backend customer module"
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.