Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-9JPJ-CPH8-W449

Vulnerability from github – Published: 2026-04-20 06:31 – Updated: 2026-04-24 20:35
VLAI
Summary
Langflow: Cleartext Storage of Authentication Settings in Project Creation Endpoint
Details

A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument auth_settings leads to cleartext storage in a file or on disk. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "langflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.9.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-6598"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-313"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-24T20:35:01Z",
    "nvd_published_at": "2026-04-20T04:16:52Z",
    "severity": "LOW"
  },
  "details": "A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument auth_settings leads to cleartext storage in a file or on disk. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-9jpj-cph8-w449",
  "modified": "2026-04-24T20:35:01Z",
  "published": "2026-04-20T06:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6598"
    },
    {
      "type": "WEB",
      "url": "https://github.com/langflow-ai/langflow/commit/45325f6376309a91f5017fa033a96c09c7e295e3"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/chenhouser2025/77adb3486c06c635ae4b09a3eaf90213"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/langflow-ai/langflow"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/791921"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/358233"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/358233/cti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Langflow: Cleartext Storage of Authentication Settings in Project Creation Endpoint"
}

GHSA-9MC5-9564-268J

Vulnerability from github – Published: 2023-05-16 00:30 – Updated: 2024-04-04 04:11
VLAI
Details

In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-189942529

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-20914"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-15T22:15:11Z",
    "severity": "MODERATE"
  },
  "details": "In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-189942529",
  "id": "GHSA-9mc5-9564-268j",
  "modified": "2024-04-04T04:11:23Z",
  "published": "2023-05-16T00:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20914"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2023-05-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9MHW-HMHP-8RM5

Vulnerability from github – Published: 2022-05-24 19:14 – Updated: 2022-06-15 00:00
VLAI
Details

A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions < V3.0), SIMATIC CP 1545-1 (All versions). An attacker with access to the subnet of the affected device could retrieve sensitive information stored in cleartext.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-33716"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-14T11:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions \u003c V3.0), SIMATIC CP 1545-1 (All versions). An attacker with access to the subnet of the affected device could retrieve sensitive information stored in cleartext.",
  "id": "GHSA-9mhw-hmhp-8rm5",
  "modified": "2022-06-15T00:00:33Z",
  "published": "2022-05-24T19:14:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33716"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-535997.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9QWC-8PQF-MRXV

Vulnerability from github – Published: 2022-05-24 17:49 – Updated: 2022-05-24 17:49
VLAI
Details

Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-21547"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-30T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.",
  "id": "GHSA-9qwc-8pqf-mrxv",
  "modified": "2022-05-24T17:49:22Z",
  "published": "2022-05-24T17:49:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21547"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/000185484"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-9R2G-27GF-RM9W

Vulnerability from github – Published: 2024-08-15 03:30 – Updated: 2024-08-15 03:30
VLAI
Details

IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 281430.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-25024"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256",
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-15T03:15:04Z",
    "severity": "MODERATE"
  },
  "details": "IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user.  IBM X-Force ID:  281430.",
  "id": "GHSA-9r2g-27gf-rm9w",
  "modified": "2024-08-15T03:30:28Z",
  "published": "2024-08-15T03:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25024"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/281430"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7165488"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9RR6-VQ6Q-PWWR

Vulnerability from github – Published: 2024-11-15 18:30 – Updated: 2024-11-15 21:30
VLAI
Details

Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-46383"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-15T18:15:27Z",
    "severity": "LOW"
  },
  "details": "Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext.",
  "id": "GHSA-9rr6-vq6q-pwwr",
  "modified": "2024-11-15T21:30:46Z",
  "published": "2024-11-15T18:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46383"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nitinronge91/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383"
    },
    {
      "type": "WEB",
      "url": "http://skyworth.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9V6P-Q56X-H64P

Vulnerability from github – Published: 2025-12-10 21:31 – Updated: 2025-12-11 21:31
VLAI
Details

The mobile application was found to contain stored credentials for the network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor. Additionally, if an attacker were located in close physical proximity to the device when it was first set up, they may be able to force the device to auto-connect to an attacker-controlled access point by setting the SSID and password to the same as which was found in the firmware file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-65826"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-10T21:16:08Z",
    "severity": "CRITICAL"
  },
  "details": "The mobile application was found to contain stored credentials for the network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor. Additionally, if an attacker were located in close physical proximity to the device when it was first set up, they may be able to force the device to auto-connect to an attacker-controlled access point by setting the SSID and password to the same as which was found in the firmware file.",
  "id": "GHSA-9v6p-q56x-h64p",
  "modified": "2025-12-11T21:31:27Z",
  "published": "2025-12-10T21:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65826"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/dead1nfluence/4dffc239b4a460f41a03345fd8e5feb5#file-hardcoded-credentials-mobile-md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dead1nfluence/Meatmeet-Pro-Vulnerabilities/blob/main/Mobile-Application/Hardcoded-Credentials.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9VJX-QHGP-WFVM

Vulnerability from github – Published: 2023-12-01 00:31 – Updated: 2025-11-04 21:30
VLAI
Details

LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-46384"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-30T23:15:07Z",
    "severity": "HIGH"
  },
  "details": "LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.",
  "id": "GHSA-9vjx-qhgp-wfvm",
  "modified": "2025-11-04T21:30:49Z",
  "published": "2023-12-01T00:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46384"
    },
    {
      "type": "WEB",
      "url": "https://packetstormsecurity.com/files/175951/Loytec-LINX-Configurator-7.4.10-Insecure-Transit-Cleartext-Secrets.html"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/fulldisclosure/2023/Nov/6"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01"
    },
    {
      "type": "WEB",
      "url": "https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2023/Nov/6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9VRM-V9XV-X3XR

Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2023-07-06 21:47
VLAI
Summary
HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured
Details

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk. This issue is fixed in version 0.12.0.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/hashicorp/boundary"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.10.0"
            },
            {
              "fixed": "0.12.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-0690"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-311",
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-06T21:47:39Z",
    "nvd_published_at": "2023-02-08T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker\u2019s disk. This issue is fixed in version 0.12.0.",
  "id": "GHSA-9vrm-v9xv-x3xr",
  "modified": "2023-07-06T21:47:39Z",
  "published": "2023-07-06T19:24:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0690"
    },
    {
      "type": "WEB",
      "url": "https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/hashicorp/boundary"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured"
}

GHSA-9W7X-GH3C-HXF4

Vulnerability from github – Published: 2022-04-03 00:00 – Updated: 2022-04-09 00:00
VLAI
Details

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote attacker to disclose or tamper with a file in which password hash is saved in cleartext.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-25158"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-01T23:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote attacker to disclose or tamper with a file in which password hash is saved in cleartext.",
  "id": "GHSA-9w7x-gh3c-hxf4",
  "modified": "2022-04-09T00:00:39Z",
  "published": "2022-04-03T00:00:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25158"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU96577897/index.html"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-04"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-031_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.