Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-C8C6-87MV-3FM9

Vulnerability from github – Published: 2024-04-05 18:30 – Updated: 2025-03-28 21:30
VLAI
Details

In Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and contain sensitive information such as the root password hash.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-28065"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-05T18:15:09Z",
    "severity": "MODERATE"
  },
  "details": "In Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and contain sensitive information such as the root password hash.",
  "id": "GHSA-c8c6-87mv-3fm9",
  "modified": "2025-03-28T21:30:39Z",
  "published": "2024-04-05T18:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28065"
    },
    {
      "type": "WEB",
      "url": "https://syss.de"
    },
    {
      "type": "WEB",
      "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-007.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CC23-R63P-28WP

Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19
VLAI
Details

Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-38422"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-03T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges.",
  "id": "GHSA-cc23-r63p-28wp",
  "modified": "2022-05-24T19:19:31Z",
  "published": "2022-05-24T19:19:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38422"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-CC4R-8R99-3QMP

Vulnerability from github – Published: 2024-07-26 12:35 – Updated: 2024-08-05 21:31
VLAI
Details

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext FTP credentials from the vulnerable system.

Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the FTP server associated with the targeted system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-41691"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-26T12:15:03Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router\u0027s firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext FTP credentials from the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the FTP server associated with the targeted system.",
  "id": "GHSA-cc4r-8r99-3qmp",
  "modified": "2024-08-05T21:31:19Z",
  "published": "2024-07-26T12:35:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41691"
    },
    {
      "type": "WEB",
      "url": "https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225"
    },
    {
      "type": "WEB",
      "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0225"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CC6F-J84G-6GMR

Vulnerability from github – Published: 2022-05-24 19:13 – Updated: 2022-05-24 19:13
VLAI
Details

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-36096"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-06T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions.",
  "id": "GHSA-cc6f-j84g-6gmr",
  "modified": "2022-05-24T19:13:03Z",
  "published": "2022-05-24T19:13:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36096"
    },
    {
      "type": "WEB",
      "url": "https://otrs.com/release-notes/otrs-security-advisory-2021-10"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-CCC3-C3HC-G88X

Vulnerability from github – Published: 2023-05-10 06:30 – Updated: 2024-04-04 03:58
VLAI
Details

Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-24586"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-10T06:15:12Z",
    "severity": "MODERATE"
  },
  "details": "Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product.",
  "id": "GHSA-ccc3-c3hc-g88x",
  "modified": "2024-04-04T03:58:29Z",
  "published": "2023-05-10T06:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24586"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN40604023"
    },
    {
      "type": "WEB",
      "url": "https://www.seiko-sol.co.jp/archives/73969"
    },
    {
      "type": "WEB",
      "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100"
    },
    {
      "type": "WEB",
      "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130"
    },
    {
      "type": "WEB",
      "url": "https://www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200"
    },
    {
      "type": "WEB",
      "url": "https://www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CCMG-3338-RH6P

Vulnerability from github – Published: 2025-04-30 15:30 – Updated: 2025-04-30 15:30
VLAI
Details

Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3395"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-30T13:15:49Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.",
  "id": "GHSA-ccmg-3338-rh6p",
  "modified": "2025-04-30T15:30:48Z",
  "published": "2025-04-30T15:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3395"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR011407\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CG49-X3J6-7J3G

Vulnerability from github – Published: 2025-05-26 12:30 – Updated: 2025-05-26 12:30
VLAI
Details

The data stored in Be-Tech Mifare Classic card is stored in cleartext. An attacker having access to a Be-Tech hotel guest Mifare Classic card can create a master key card that unlocks all the locks in the building.

This issue affects all Be-Tech Mifare Classic card systems. To fix the vulnerability, it is necessary to replace the software, encoder, cards, and PCBs in the locks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-4053"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-26T10:15:21Z",
    "severity": "MODERATE"
  },
  "details": "The data\u00a0stored in\u00a0Be-Tech Mifare Classic card\u00a0is stored in cleartext.\u00a0An attacker having access to a Be-Tech hotel guest\u00a0Mifare Classic card can create a master key card that unlocks all the locks in the building. \n\nThis issue affects all\u00a0Be-Tech Mifare Classic card systems.\u00a0To fix the vulnerability, it is necessary to replace the software, encoder, cards, and PCBs in the locks.",
  "id": "GHSA-cg49-x3j6-7j3g",
  "modified": "2025-05-26T12:30:30Z",
  "published": "2025-05-26T12:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4053"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2025/05/CVE-2025-4053"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CG8Q-MVMC-QR6H

Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-07-28 00:00
VLAI
Details

When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-31817"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-08T11:15:00Z",
    "severity": "HIGH"
  },
  "details": "When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext.",
  "id": "GHSA-cg8q-mvmc-qr6h",
  "modified": "2022-07-28T00:00:45Z",
  "published": "2022-05-24T19:07:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31817"
    },
    {
      "type": "WEB",
      "url": "https://advisories.octopus.com/adv/2021-06---Cleartext-Storage-of-Sensitive-Information-(CVE-2021-31817).2121138201.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CGRW-9Q9P-34FJ

Vulnerability from github – Published: 2024-07-10 00:30 – Updated: 2024-07-10 00:30
VLAI
Details

SnapCenter versions prior to 5.0p1 are susceptible to a vulnerability which could allow an authenticated attacker to discover plaintext credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-21993"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-09T22:15:01Z",
    "severity": "MODERATE"
  },
  "details": "SnapCenter versions prior to 5.0p1 are susceptible to a vulnerability\n which could allow an authenticated attacker to discover plaintext \ncredentials.",
  "id": "GHSA-cgrw-9q9p-34fj",
  "modified": "2024-07-10T00:30:41Z",
  "published": "2024-07-10T00:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21993"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240705-0007"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CHM8-X5HX-J7RX

Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11
VLAI
Details

An information disclosure vulnerability exists in the EPA protocol of Dut Computer Control Engineering Co.'s PLC MAC1100.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-18759"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-13T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "An information disclosure vulnerability exists in the EPA protocol of Dut Computer Control Engineering Co.\u0027s PLC MAC1100.",
  "id": "GHSA-chm8-x5hx-j7rx",
  "modified": "2022-05-24T19:11:03Z",
  "published": "2022-05-24T19:11:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-18759"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_leak2.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.