CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-JFGV-77W2-93RX
Vulnerability from github – Published: 2022-05-24 19:04 – Updated: 2022-10-26 12:00The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location.
{
"affected": [],
"aliases": [
"CVE-2021-32942"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-316"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-09T17:15:00Z",
"severity": "MODERATE"
},
"details": "The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location.",
"id": "GHSA-jfgv-77w2-93rx",
"modified": "2022-10-26T12:00:39Z",
"published": "2022-05-24T19:04:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32942"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03"
},
{
"type": "WEB",
"url": "https://www.aveva.com/en/support/cyber-security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JHP7-5V8Q-5544
Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2023-05-16 21:30Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data Manager – SDM600 allows attacker to gain access to sensitive information. This issue affects: Hitachi ABB Power Grids System Data Manager – SDM600 1.2 versions prior to FP2 HF6 (Build Nr. 1.2.14002.257).
{
"affected": [],
"aliases": [
"CVE-2021-35526"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-09-08T16:15:00Z",
"severity": "HIGH"
},
"details": "Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data Manager \u2013 SDM600 allows attacker to gain access to sensitive information. This issue affects: Hitachi ABB Power Grids System Data Manager \u2013 SDM600 1.2 versions prior to FP2 HF6 (Build Nr. 1.2.14002.257).",
"id": "GHSA-jhp7-5v8q-5544",
"modified": "2023-05-16T21:30:17Z",
"published": "2022-05-24T22:28:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35526"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?utm_campaign=\u0026utm_content=2021.08_5051_Cybersecurity%20Advisory%3A\u0026utm_medium=email\u0026utm_source=Eloqua\u0026DocumentID=9AKK107992A4700\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqTrackId=ba79ef3d8aec4a4fad6c0cbe06d33d6c\u0026elq=1bda419954724e908db108def16646a5\u0026elqaid=3638\u0026elqat=1\u0026elqCampaignId="
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-250-02"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JJMC-HPG2-7V48
Vulnerability from github – Published: 2025-06-29 12:31 – Updated: 2025-06-29 12:31Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.
{
"affected": [],
"aliases": [
"CVE-2024-24915"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-316"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-29T12:15:22Z",
"severity": "MODERATE"
},
"details": "Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.",
"id": "GHSA-jjmc-hpg2-7v48",
"modified": "2025-06-29T12:31:06Z",
"published": "2025-06-29T12:31:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24915"
},
{
"type": "WEB",
"url": "https://support.checkpoint.com/results/sk/sk183545"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JJQF-J4W7-92W8
Vulnerability from github – Published: 2023-04-19 21:41 – Updated: 2023-04-19 21:41Summary
Strapi through 4.7.1 allows unauthenticated attackers to discover sensitive user details for Strapi administrators and API users.
Details
Strapi through 4.7.1 allows unauthenticated attackers to discover sensitive user details for Strapi administrators and API users. The unauthenticated attacker can filter users by columns that contain sensitive information and infer the values by the changes in the API responses. An unauthenticated attacker can exploit this vulnerability to hijack Strapi administrator accounts and gain unauthorized Strapi Super Administrator access by leaking the password reset token and changing the admin password. This can be exploited on all Strapi versions <=4.7.1.
IoC
The exploitation of CVE-2023-22894 is easily detectable, since the payload is within the GET parameters and are normally included in request logs. The following regex pattern will extract requests that are exploiting this vulnerability to leak user's email, password and password reset token columns.
/(\[|%5B)\s*(email|password|reset_password_token|resetPasswordToken)\s*(\]|%5D)/
You can search log files for this IoC by using the following grep command.
grep -iE '(\[|%5B)\s*(email|password|reset_password_token|resetPasswordToken)\s*(\]|%5D)' $PATH_TO_LOG_FILE
If the above regex pattern matches any lines in your log files, take extra precaution to look out for multiple requests that include password, reset_password_token or resetPasswordToken. This would indicate that an attacker has leaked the password hashes and reset tokens on your Strapi server and you need to immediately start an incident response!
Impact
All Strapi users below 4.8.0
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@strapi/strapi"
},
"ranges": [
{
"events": [
{
"introduced": "3.2.1"
},
{
"fixed": "4.8.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-22894"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-19T21:41:26Z",
"nvd_published_at": "2023-04-19T16:15:07Z",
"severity": "HIGH"
},
"details": "### Summary\n\nStrapi through 4.7.1 allows unauthenticated attackers to discover sensitive user details for Strapi administrators and API users.\n\n### Details\n\nStrapi through 4.7.1 allows unauthenticated attackers to discover sensitive user details for Strapi administrators and API users. The unauthenticated attacker can filter users by columns that contain sensitive information and infer the values by the changes in the API responses. An unauthenticated attacker can exploit this vulnerability to hijack Strapi administrator accounts and gain unauthorized Strapi Super Administrator access by leaking the password reset token and changing the admin password. This can be exploited on all Strapi versions \u003c=4.7.1.\n\n### IoC\n\nThe exploitation of CVE-2023-22894 is easily detectable, since the payload is within the GET parameters and are normally included in request logs. The following regex pattern will extract requests that are exploiting this vulnerability to leak user\u0027s email, password and password reset token columns.\n\n`/(\\[|%5B)\\s*(email|password|reset_password_token|resetPasswordToken)\\s*(\\]|%5D)/`\n\nYou can search log files for this IoC by using the following grep command.\n\n`grep -iE \u0027(\\[|%5B)\\s*(email|password|reset_password_token|resetPasswordToken)\\s*(\\]|%5D)\u0027 $PATH_TO_LOG_FILE`\n\nIf the above regex pattern matches any lines in your log files, take extra precaution to look out for multiple requests that include password, reset_password_token or resetPasswordToken. This would indicate that an attacker has leaked the password hashes and reset tokens on your Strapi server and you need to immediately start an incident response!\n\n### Impact\n\nAll Strapi users below 4.8.0\n",
"id": "GHSA-jjqf-j4w7-92w8",
"modified": "2023-04-19T21:41:26Z",
"published": "2023-04-19T21:41:26Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/strapi/strapi/security/advisories/GHSA-jjqf-j4w7-92w8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22894"
},
{
"type": "PACKAGE",
"url": "https://github.com/strapi/strapi"
},
{
"type": "WEB",
"url": "https://github.com/strapi/strapi/releases"
},
{
"type": "WEB",
"url": "https://github.com/strapi/strapi/releases/tag/v4.8.0"
},
{
"type": "WEB",
"url": "https://strapi.io/blog/security-disclosure-of-vulnerabilities-cve"
},
{
"type": "WEB",
"url": "https://www.ghostccamm.com/blog/multi_strapi_vulns"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Strapi leaking sensitive user information by filtering on private fields"
}
GHSA-JJV4-QPPH-8548
Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config.pm has the root password in cleartext.
{
"affected": [],
"aliases": [
"CVE-2021-37157"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-10T00:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. $HOME/OGP/Cfg/Config.pm has the root password in cleartext.",
"id": "GHSA-jjv4-qpph-8548",
"modified": "2022-05-24T19:20:26Z",
"published": "2022-05-24T19:20:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37157"
},
{
"type": "WEB",
"url": "https://github.com/OpenGamePanel/OGP-Agent-Linux/commits/master"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/50373"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-JJW7-3VJF-FG5J
Vulnerability from github – Published: 2026-04-02 20:58 – Updated: 2026-05-06 02:39Summary
OpenClaw Nostr privateKey config redaction bypass leaks plaintext signing key via config.get
Current Maintainer Triage
- Status: open
- Normalized severity: medium
- Assessment: v2026.3.28 still models Nostr privateKey as plain string so config views can expose it, and the secret-schema fix is unreleased.
Affected Packages / Versions
- Package:
openclaw(npm) - Latest published npm version:
2026.3.31 - Vulnerable version range:
<=2026.3.28 - Patched versions:
>= 2026.3.31 - First stable tag containing the fix:
v2026.3.31
Fix Commit(s)
57700d716f660591fb6e09727f3ca8041fa48b9d— 2026-03-31T19:55:03+09:00
Release Process Note
- The fix is already present in released version
2026.3.31. - This draft looks ready for final maintainer disposition or publication, not additional code-fix work.
Thanks @ccreater222 for reporting.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2026.3.28"
},
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2026.3.31"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-41385"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-02T20:58:08Z",
"nvd_published_at": "2026-04-28T19:37:41Z",
"severity": "MODERATE"
},
"details": "## Summary\nOpenClaw Nostr privateKey config redaction bypass leaks plaintext signing key via config.get\n\n## Current Maintainer Triage\n- Status: open\n- Normalized severity: medium\n- Assessment: v2026.3.28 still models Nostr privateKey as plain string so config views can expose it, and the secret-schema fix is unreleased.\n\n## Affected Packages / Versions\n- Package: `openclaw` (npm)\n- Latest published npm version: `2026.3.31`\n- Vulnerable version range: `\u003c=2026.3.28`\n- Patched versions: `\u003e= 2026.3.31`\n- First stable tag containing the fix: `v2026.3.31`\n\n## Fix Commit(s)\n- `57700d716f660591fb6e09727f3ca8041fa48b9d` \u2014 2026-03-31T19:55:03+09:00\n\n## Release Process Note\n- The fix is already present in released version `2026.3.31`.\n- This draft looks ready for final maintainer disposition or publication, not additional code-fix work.\n\nThanks @ccreater222 for reporting.",
"id": "GHSA-jjw7-3vjf-fg5j",
"modified": "2026-05-06T02:39:00Z",
"published": "2026-04-02T20:58:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jjw7-3vjf-fg5j"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41385"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/57700d716f660591fb6e09727f3ca8041fa48b9d"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.3.31"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/openclaw-nostr-private-key-exposure-via-config-get-redaction-bypass"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "OpenClaw Nostr privateKey config redaction bypass leaks plaintext signing key via config.get"
}
GHSA-JJWH-245W-F2XG
Vulnerability from github – Published: 2022-05-24 17:41 – Updated: 2022-05-24 17:41An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via /config/server.xml.
{
"affected": [],
"aliases": [
"CVE-2021-26550"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-02-09T20:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via /config/server.xml.",
"id": "GHSA-jjwh-245w-f2xg",
"modified": "2022-05-24T17:41:38Z",
"published": "2022-05-24T17:41:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26550"
},
{
"type": "WEB",
"url": "https://www.smartfoxserver.com"
},
{
"type": "WEB",
"url": "https://www.zeroscience.mk/en/vulnerabilities"
},
{
"type": "WEB",
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5627.php"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/161337/SmartFoxServer-2X-2.17.0-Credential-Disclosure.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-JM3X-QP4Q-P8JR
Vulnerability from github – Published: 2024-06-13 18:31 – Updated: 2024-10-03 21:31An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.
{
"affected": [],
"aliases": [
"CVE-2024-38280"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-13T17:15:51Z",
"severity": "HIGH"
},
"details": "An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.",
"id": "GHSA-jm3x-qp4q-p8jr",
"modified": "2024-10-03T21:31:03Z",
"published": "2024-06-13T18:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38280"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-JM4H-WWJV-4Q5C
Vulnerability from github – Published: 2024-11-13 15:31 – Updated: 2024-11-27 00:31Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird < 128.4.3 and Thunderbird < 132.0.1.
{
"affected": [],
"aliases": [
"CVE-2024-11159"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-13T14:15:15Z",
"severity": "MODERATE"
},
"details": "Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird \u003c 128.4.3 and Thunderbird \u003c 132.0.1.",
"id": "GHSA-jm4h-wwjv-4q5c",
"modified": "2024-11-27T00:31:41Z",
"published": "2024-11-13T15:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11159"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1925929"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00017.html"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-61"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2024-62"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JQV9-XXR8-R2P9
Vulnerability from github – Published: 2022-11-08 12:00 – Updated: 2022-11-09 19:02A vulnerability has been identified in QMS Automotive (All versions). User credentials are stored in plaintext in the database. This could allow an attacker to gain access to credentials and impersonate other users.
{
"affected": [],
"aliases": [
"CVE-2022-43958"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-08T11:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability has been identified in QMS Automotive (All versions). User credentials are stored in plaintext in the database. This could allow an attacker to gain access to credentials and impersonate other users.",
"id": "GHSA-jqv9-xxr8-r2p9",
"modified": "2022-11-09T19:02:22Z",
"published": "2022-11-08T12:00:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43958"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.