CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-Q9W3-4QX4-V262
Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-05-24 19:05TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.
{
"affected": [],
"aliases": [
"CVE-2021-28858"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-15T22:15:00Z",
"severity": "MODERATE"
},
"details": "TP-Link\u0027s TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.",
"id": "GHSA-q9w3-4qx4-v262",
"modified": "2022-05-24T19:05:34Z",
"published": "2022-05-24T19:05:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28858"
},
{
"type": "WEB",
"url": "https://yunus-shn.medium.com/tp-links-tl-wpa4220-v4-0-cleartext-transmission-of-sensitive-information-40357c778b84"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-QC4C-HG95-VJCG
Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2026-07-05 00:31The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) contains the administrator account password in plaintext. The page can be intercepted on HTTP.
{
"affected": [],
"aliases": [
"CVE-2021-28937"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-29T13:15:00Z",
"severity": "HIGH"
},
"details": "The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) contains the administrator account password in plaintext. The page can be intercepted on HTTP.",
"id": "GHSA-qc4c-hg95-vjcg",
"modified": "2026-07-05T00:31:17Z",
"published": "2022-05-24T17:45:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28937"
},
{
"type": "WEB",
"url": "https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990"
},
{
"type": "WEB",
"url": "http://acexy.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QCHG-5F29-5GXW
Vulnerability from github – Published: 2023-03-29 03:30 – Updated: 2023-04-05 03:30A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/system_log.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224240.
{
"affected": [],
"aliases": [
"CVE-2023-1683"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-29T01:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/system_log.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224240.",
"id": "GHSA-qchg-5f29-5gxw",
"modified": "2023-04-05T03:30:17Z",
"published": "2023-03-29T03:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1683"
},
{
"type": "WEB",
"url": "https://github.com/2714925725/CMS-bug/blob/main/Informationdisclosure-1.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.224240"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.224240"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QF6H-WR49-RV76
Vulnerability from github – Published: 2022-09-25 00:00 – Updated: 2022-09-28 00:00A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs.
{
"affected": [],
"aliases": [
"CVE-2022-32217"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-23T19:15:00Z",
"severity": "MODERATE"
},
"details": "A cleartext storage of sensitive information exists in Rocket.Chat \u003cv4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs.",
"id": "GHSA-qf6h-wr49-rv76",
"modified": "2022-09-28T00:00:24Z",
"published": "2022-09-25T00:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32217"
},
{
"type": "WEB",
"url": "https://hackerone.com/reports/1394399"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QGF7-MPPG-P3H3
Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and potentially decrypt those credentials more easily than intended.
{
"affected": [],
"aliases": [
"CVE-2018-9065"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-30T16:29:00Z",
"severity": "HIGH"
},
"details": "In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and potentially decrypt those credentials more easily than intended.",
"id": "GHSA-qgf7-mppg-p3h3",
"modified": "2022-05-13T01:53:50Z",
"published": "2022-05-13T01:53:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9065"
},
{
"type": "WEB",
"url": "https://support.lenovo.com/us/en/solutions/LEN-22168"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QGGP-C2RQ-6X65
Vulnerability from github – Published: 2023-09-13 09:30 – Updated: 2024-04-04 07:38A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. This was possible due to SWG storing the password in plain text in some configuration files.
{
"affected": [],
"aliases": [
"CVE-2023-4400"
],
"database_specific": {
"cwe_ids": [
"CWE-256",
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-13T07:15:08Z",
"severity": "MODERATE"
},
"details": "\nA password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. This was possible due to SWG storing the password in plain text in some configuration files.\n\n",
"id": "GHSA-qggp-c2rq-6x65",
"modified": "2024-04-04T07:38:46Z",
"published": "2023-09-13T09:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4400"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-qggp-c2rq-6x65"
},
{
"type": "WEB",
"url": "https://kcm.trellix.com/corporate/index?page=content\u0026id=SB10406"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QGJM-4MG2-6WM5
Vulnerability from github – Published: 2026-05-29 21:31 – Updated: 2026-06-01 18:31StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\.sdm\state.kv. The file is protected only by default user-level NTFS permissions.
Exploitation requires local read access to the affected user's profile directory and additional deployment and execution conditions on the target host.
The condition was reported through coordinated disclosure by Hope Walker (SpecterOps).
{
"affected": [],
"aliases": [
"CVE-2026-4387"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-29T20:16:30Z",
"severity": "LOW"
},
"details": "StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\\Users\\\u003cusername\u003e\\.sdm\\state.kv. The file is protected only by default user-level NTFS permissions.\n\n\n\nExploitation requires local read access to the affected user\u0027s profile directory and additional deployment and execution conditions on the target host.\n\n\n\nThe condition was reported through coordinated disclosure by Hope Walker (SpecterOps).",
"id": "GHSA-qgjm-4mg2-6wm5",
"modified": "2026-06-01T18:31:47Z",
"published": "2026-05-29T21:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4387"
},
{
"type": "WEB",
"url": "https://security.strongdm.com/?tcuUid=56fde839-9388-4361-8d3b-9baa7b2de2ed"
},
{
"type": "WEB",
"url": "https://specterops.io/blog/2026/06/01/cve-2026-4387-strongdm-state-file-reuse"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QGMQ-RHMW-XW3R
Vulnerability from github – Published: 2025-07-31 15:35 – Updated: 2025-12-24 00:30A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users, the clear text exposure of sensitive credentials increases the risk of accidental leaks or misuse.
{
"affected": [],
"aliases": [
"CVE-2025-7738"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-31T14:15:35Z",
"severity": "MODERATE"
},
"details": "A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users, the clear text exposure of sensitive credentials increases the risk of accidental leaks or misuse.",
"id": "GHSA-qgmq-rhmw-xw3r",
"modified": "2025-12-24T00:30:12Z",
"published": "2025-07-31T15:35:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7738"
},
{
"type": "WEB",
"url": "https://github.com/ansible/django-ansible-base/pull/773"
},
{
"type": "WEB",
"url": "https://github.com/ansible/django-ansible-base/commit/e241ea4dce8df577eda15301e0a8e61be647b27b"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:12772"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-7738"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381589"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-QGW9-VGRF-H723
Vulnerability from github – Published: 2023-04-12 18:30 – Updated: 2023-04-12 22:18Jenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration.
These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.
Additionally, the configuration form does not mask these tokens, increasing the potential for attackers to observe and capture them.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:reportportal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-30523"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-12T22:18:27Z",
"nvd_published_at": "2023-04-12T18:15:00Z",
"severity": "MODERATE"
},
"details": "Jenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job `config.xml` files on the Jenkins controller as part of its configuration.\n\nThese tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.\n\nAdditionally, the configuration form does not mask these tokens, increasing the potential for attackers to observe and capture them.",
"id": "GHSA-qgw9-vgrf-h723",
"modified": "2023-04-12T22:18:27Z",
"published": "2023-04-12T18:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30523"
},
{
"type": "WEB",
"url": "https://www.jenkins.io/security/advisory/2023-04-12/#SECURITY-2945"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/04/13/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Jenkins Report Portal Plugin allows users with Item/Extended Read permission to view tokens on Jenkins controller"
}
GHSA-QGX3-64XJ-X44J
Vulnerability from github – Published: 2023-11-22 18:30 – Updated: 2023-11-30 06:33Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries.
{
"affected": [],
"aliases": [
"CVE-2023-47312"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-22T17:15:22Z",
"severity": "MODERATE"
},
"details": "Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries.",
"id": "GHSA-qgx3-64xj-x44j",
"modified": "2023-11-30T06:33:23Z",
"published": "2023-11-22T18:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47312"
},
{
"type": "WEB",
"url": "https://boltonshield.com/en/cve/cve-2023-47312"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.