CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-6W7R-4V6H-JJQ5
Vulnerability from github – Published: 2022-12-12 18:30 – Updated: 2022-12-15 18:30A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access the email and short messaging service (SMS) accounts configuration files to discover the associated simple mail transfer protocol (SMTP) account credentials and the SIM card PIN code. Successful exploitation of this vulnerability could allow an unauthorized user access to the underlying email account and SIM card.
{
"affected": [],
"aliases": [
"CVE-2022-4312"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-12T18:15:00Z",
"severity": "MODERATE"
},
"details": "A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access the email and short messaging service (SMS) accounts configuration files to discover the associated simple mail transfer protocol (SMTP) account credentials and the SIM card PIN code. Successful exploitation of this vulnerability could allow an unauthorized user access to the underlying email account and SIM card.",
"id": "GHSA-6w7r-4v6h-jjq5",
"modified": "2022-12-15T18:30:24Z",
"published": "2022-12-12T18:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4312"
},
{
"type": "WEB",
"url": "https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1171-security-bulletin-2022-7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6XPF-79GP-9FC2
Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-05-24 17:38In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users.xml. OS-level users on the QCC host who are not authorized to use QCC may use the plaintext credentials to login to QCC.
{
"affected": [],
"aliases": [
"CVE-2020-5805"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-08T16:15:00Z",
"severity": "HIGH"
},
"details": "In Marvell QConvergeConsole GUI \u003c= 5.5.0.74, credentials are stored in cleartext in tomcat-users.xml. OS-level users on the QCC host who are not authorized to use QCC may use the plaintext credentials to login to QCC.",
"id": "GHSA-6xpf-79gp-9fc2",
"modified": "2022-05-24T17:38:22Z",
"published": "2022-05-24T17:38:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5805"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/research/tra-2021-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-6XPQ-789W-CRHJ
Vulnerability from github – Published: 2023-06-11 15:30 – Updated: 2024-10-16 12:30The Danfoss AK-EM100 stores login credentials in cleartext.
{
"affected": [],
"aliases": [
"CVE-2023-22584"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-11T14:15:09Z",
"severity": "HIGH"
},
"details": "The Danfoss AK-EM100 stores login credentials in cleartext.",
"id": "GHSA-6xpq-789w-crhj",
"modified": "2024-10-16T12:30:47Z",
"published": "2023-06-11T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22584"
},
{
"type": "WEB",
"url": "https://csirt.divd.nl/CVE-2023-22584"
},
{
"type": "WEB",
"url": "https://csirt.divd.nl/DIVD-2023-00021"
},
{
"type": "WEB",
"url": "https://divd.nl/cves/CVE-2023-22584"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-723J-VWR2-6865
Vulnerability from github – Published: 2023-03-23 18:30 – Updated: 2023-03-30 21:30A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text. The attacker must have valid low-privileged user credentials. This vulnerability is due to improper role-based access control (RBAC) with the integration of PnP. An attacker could exploit this vulnerability by authenticating to the device and sending a query to an internal API. A successful exploit could allow the attacker to view sensitive information in clear text, which could include configuration files.
{
"affected": [],
"aliases": [
"CVE-2023-20059"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-555"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-23T17:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text. The attacker must have valid low-privileged user credentials. This vulnerability is due to improper role-based access control (RBAC) with the integration of PnP. An attacker could exploit this vulnerability by authenticating to the device and sending a query to an internal API. A successful exploit could allow the attacker to view sensitive information in clear text, which could include configuration files.",
"id": "GHSA-723j-vwr2-6865",
"modified": "2023-03-30T21:30:23Z",
"published": "2023-03-23T18:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20059"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-infodisc-pe7zAbdR"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-72GJ-XRP6-846V
Vulnerability from github – Published: 2025-04-09 09:31 – Updated: 2025-04-09 09:31This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device.
{
"affected": [],
"aliases": [
"CVE-2025-3442"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-09T07:15:41Z",
"severity": "MODERATE"
},
"details": "This vulnerability exists in TP-Link Tapo\u00a0H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device.",
"id": "GHSA-72gj-xrp6-846v",
"modified": "2025-04-09T09:31:24Z",
"published": "2025-04-09T09:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3442"
},
{
"type": "WEB",
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2025-0072"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-72W4-WJVH-293C
Vulnerability from github – Published: 2025-02-14 00:30 – Updated: 2025-02-14 00:30mySCADA myPRO Manager
stores credentials in cleartext, which could allow an attacker to obtain sensitive information.
{
"affected": [],
"aliases": [
"CVE-2025-22896"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-13T22:15:11Z",
"severity": "CRITICAL"
},
"details": "mySCADA myPRO Manager\n\n\nstores credentials in cleartext, which could allow an attacker to obtain sensitive information.",
"id": "GHSA-72w4-wjvh-293c",
"modified": "2025-02-14T00:30:44Z",
"published": "2025-02-14T00:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22896"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-16"
},
{
"type": "WEB",
"url": "https://www.myscada.org/contacts"
},
{
"type": "WEB",
"url": "https://www.myscada.org/downloads/mySCADAPROManager"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-734G-RVC3-RX28
Vulnerability from github – Published: 2022-06-08 00:00 – Updated: 2022-06-18 00:00** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-29620"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-07T21:15:00Z",
"severity": "MODERATE"
},
"details": "** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a vulnerability.",
"id": "GHSA-734g-rvc3-rx28",
"modified": "2022-06-18T00:00:23Z",
"published": "2022-06-08T00:00:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29620"
},
{
"type": "WEB",
"url": "https://whichbuffer.medium.com/filezilla-client-cleartext-storage-of-sensitive-information-in-memory-vulnerability-83958c1e1643"
},
{
"type": "WEB",
"url": "https://youtu.be/ErZl1i7McHk"
},
{
"type": "WEB",
"url": "https://youtu.be/eSlfQQytIq0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-73XM-9G5X-69F4
Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true" in AndroidManifest.xml, which allows attackers to obtain sensitive cleartext information via an "adb backup '-f smart.calculator.gallerylock'" command.
{
"affected": [],
"aliases": [
"CVE-2017-16835"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-20T06:29:00Z",
"severity": "HIGH"
},
"details": "The \"Photo,Video Locker-Calculator\" application 12.0 for Android has android:allowBackup=\"true\" in AndroidManifest.xml, which allows attackers to obtain sensitive cleartext information via an \"adb backup \u0027-f smart.calculator.gallerylock\u0027\" command.",
"id": "GHSA-73xm-9g5x-69f4",
"modified": "2022-05-13T01:44:13Z",
"published": "2022-05-13T01:44:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16835"
},
{
"type": "WEB",
"url": "https://www.ds-security.com/2017/11/16/photovideo-locker-calculator-leak-of-sensitive-files"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-746G-3GFP-HFHW
Vulnerability from github – Published: 2023-01-26 23:54 – Updated: 2023-12-14 22:26Devise version before 3.5.4 uses cookies to implement a "Remember me" functionality. However, it generates the same cookie for all devices. If an attacker manages to steal a remember me cookie and the user does not change the password frequently, the cookie can be used to gain access to the application indefinitely.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "devise"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.5.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2015-8314"
],
"database_specific": {
"cwe_ids": [
"CWE-288",
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2023-01-26T23:54:07Z",
"nvd_published_at": "2023-12-12T17:15:07Z",
"severity": "HIGH"
},
"details": "Devise version before 3.5.4 uses cookies to implement a \"Remember me\" functionality. However, it generates the same cookie for all devices. If an attacker manages to steal a remember me cookie and the user does not change the password frequently, the cookie can be used to gain access to the application indefinitely.\n",
"id": "GHSA-746g-3gfp-hfhw",
"modified": "2023-12-14T22:26:44Z",
"published": "2023-01-26T23:54:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8314"
},
{
"type": "WEB",
"url": "https://github.com/heartcombo/devise/commit/c92996646aba2d25b2c3e235fe0c4f1a84b70d24"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-746g-3gfp-hfhw"
},
{
"type": "PACKAGE",
"url": "https://github.com/heartcombo/devise"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/devise/CVE-2015-8314.yml"
},
{
"type": "WEB",
"url": "https://rubysec.com/advisories/CVE-2015-8314"
},
{
"type": "WEB",
"url": "http://blog.plataformatec.com.br/2016/01/improve-remember-me-cookie-expiration-in-devise"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Devise Gem for Ruby Unauthorized Access Using \"Remember Me\" Cookie"
}
GHSA-748V-PXM5-9M8Q
Vulnerability from github – Published: 2022-12-22 21:30 – Updated: 2025-04-15 18:31Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106.
{
"affected": [],
"aliases": [
"CVE-2022-42931"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-922"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-22T20:15:00Z",
"severity": "LOW"
},
"details": "Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox \u003c 106.",
"id": "GHSA-748v-pxm5-9m8q",
"modified": "2025-04-15T18:31:34Z",
"published": "2022-12-22T21:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42931"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1780571"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2022-44"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.