CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-R2HW-74XV-4GQP
Vulnerability from github – Published: 2023-10-24 19:25 – Updated: 2024-10-07 15:09Impact
In Nautobot 2.0.x, certain REST API endpoints, in combination with the ?depth=<N> query parameter, can expose hashed user passwords as stored in the database to any authenticated user with access to these endpoints.
The passwords are not exposed in plaintext. Nautobot 1.x is not affected by this vulnerability.
Example:
GET /api/users/permissions/?depth=1
HTTP 200 OK
API-Version: 2.0
Allow: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": "28ea85e4-5039-4389-94f1-9a3e1c787149",
"object_type": "users.objectpermission",
"display": "Run Job",
"url": "http://localhost:8080/api/users/permissions/28ea85e4-5039-4389-94f1-9a3e1c787149/",
"natural_slug": "run-job_28ea",
"object_types": [
"extras.job"
],
"name": "Run Job",
"description": "",
"enabled": true,
"actions": [
"run",
"view"
],
"constraints": null,
"groups": [
{
"id": 1,
"object_type": "auth.group",
"display": "A Group",
"url": "http://localhost:8080/api/users/groups/1/",
"natural_slug": "a-group_1",
"name": "A Group"
}
],
"users": [
{
"id": "e73288e2-1326-4bfb-8fea-041290dd7473",
"object_type": "users.user",
"display": "admin",
"url": "http://localhost:8080/api/users/users/e73288e2-1326-4bfb-8fea-041290dd7473/",
"natural_slug": "admin_e732",
"password": "pbkdf2_sha256$260000$jQb7hA48HYJ0MLWQgOZiBl$b72+gz6SpZiRpxceRQfT5Zv/aUac0eJ4NdBTZ8ECOow=",
"last_login": "2023-10-18T14:19:08.780857Z",
"is_superuser": true,
"username": "admin",
"first_name": "",
"last_name": "",
"email": "",
"is_staff": true,
"is_active": true,
"date_joined": "2023-10-18T14:18:55.854023Z",
"config_data": {}
}
]
}
]
}
Note the "password" field present in the nested
"users"data.
This information is not exposed during direct access to the /api/users/users/ endpoint, but can be exposed through any endpoint which contains a nested reference to User object(s) when an appropriate ?depth=<N> query parameter is specified. Known impacted endpoints include:
/api/dcim/rack-reservations/?depth=1(or any greaterdepthvalue)/api/extras/job-results/?depth=1(or any greaterdepthvalue)/api/extras/notes/?depth=1(or any greaterdepthvalue)/api/extras/object-changes/?depth=1(or any greaterdepthvalue)/api/extras/scheduled-jobs/?depth=1(or any greaterdepthvalue)/api/users/permissions/?depth=1(or any greaterdepthvalue)
but this is not necessarily an exhaustive list.
Plugin REST API endpoints for any models with a foreign key to the User model may also be impacted by this issue.
The patch identified below mitigates the issue for both Nautobot core REST APIs and plugin REST APIs; no code change in plugins is required to address this issue.
Patches
Refer to https://github.com/nautobot/nautobot/pull/4692 for the patch that resolved this issue.
Workarounds
Upgrading to v2.0.3 or later, or applying the above patch, is the preferred workaround for this issue; while it could also be partially mitigated by updating permissions to deny user access to the above list of impacted REST API endpoints, that is not recommended as other endpoints may also expose this issue until patched.
References
https://github.com/nautobot/nautobot/pull/4692
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "nautobot"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0"
},
{
"fixed": "2.0.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-46128"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-312",
"CWE-359"
],
"github_reviewed": true,
"github_reviewed_at": "2023-10-24T19:25:24Z",
"nvd_published_at": "2023-10-25T18:17:36Z",
"severity": "HIGH"
},
"details": "### Impact\n\nIn Nautobot 2.0.x, certain REST API endpoints, in combination with the `?depth=\u003cN\u003e` query parameter, can expose hashed user passwords as stored in the database to any authenticated user with access to these endpoints. \n\n\u003e The passwords are *not* exposed in plaintext. \n\u003e Nautobot 1.x is *not* affected by this vulnerability.\n\nExample:\n\n```\nGET /api/users/permissions/?depth=1\n\nHTTP 200 OK\nAPI-Version: 2.0\nAllow: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS\nContent-Type: application/json\nVary: Accept\n```\n\n```json\n{\n \"count\": 1,\n \"next\": null,\n \"previous\": null,\n \"results\": [\n {\n \"id\": \"28ea85e4-5039-4389-94f1-9a3e1c787149\",\n \"object_type\": \"users.objectpermission\",\n \"display\": \"Run Job\",\n \"url\": \"http://localhost:8080/api/users/permissions/28ea85e4-5039-4389-94f1-9a3e1c787149/\",\n \"natural_slug\": \"run-job_28ea\",\n \"object_types\": [\n \"extras.job\"\n ],\n \"name\": \"Run Job\",\n \"description\": \"\",\n \"enabled\": true,\n \"actions\": [\n \"run\",\n \"view\"\n ],\n \"constraints\": null,\n \"groups\": [\n {\n \"id\": 1,\n \"object_type\": \"auth.group\",\n \"display\": \"A Group\",\n \"url\": \"http://localhost:8080/api/users/groups/1/\",\n \"natural_slug\": \"a-group_1\",\n \"name\": \"A Group\"\n }\n ],\n \"users\": [\n {\n \"id\": \"e73288e2-1326-4bfb-8fea-041290dd7473\",\n \"object_type\": \"users.user\",\n \"display\": \"admin\",\n \"url\": \"http://localhost:8080/api/users/users/e73288e2-1326-4bfb-8fea-041290dd7473/\",\n \"natural_slug\": \"admin_e732\",\n \"password\": \"pbkdf2_sha256$260000$jQb7hA48HYJ0MLWQgOZiBl$b72+gz6SpZiRpxceRQfT5Zv/aUac0eJ4NdBTZ8ECOow=\",\n \"last_login\": \"2023-10-18T14:19:08.780857Z\",\n \"is_superuser\": true,\n \"username\": \"admin\",\n \"first_name\": \"\",\n \"last_name\": \"\",\n \"email\": \"\",\n \"is_staff\": true,\n \"is_active\": true,\n \"date_joined\": \"2023-10-18T14:18:55.854023Z\",\n \"config_data\": {}\n }\n ]\n }\n ]\n}\n```\n\n\u003e Note the \"password\" field present in the nested `\"users\"` data.\n\nThis information is not exposed during direct access to the `/api/users/users/` endpoint, but can be exposed through any endpoint which contains a nested reference to User object(s) when an appropriate `?depth=\u003cN\u003e` query parameter is specified. Known impacted endpoints include:\n\n- `/api/dcim/rack-reservations/?depth=1`(or any greater `depth` value)\n- `/api/extras/job-results/?depth=1` (or any greater `depth` value)\n- `/api/extras/notes/?depth=1` (or any greater `depth` value)\n- `/api/extras/object-changes/?depth=1` (or any greater `depth` value)\n- `/api/extras/scheduled-jobs/?depth=1` (or any greater `depth` value)\n- `/api/users/permissions/?depth=1` (or any greater `depth` value)\n\nbut this is not necessarily an exhaustive list. \n\n\u003e Plugin REST API endpoints for any models with a foreign key to the User model may also be impacted by this issue.\n\n\u003e The patch identified below mitigates the issue for both Nautobot core REST APIs and plugin REST APIs; no code change in plugins is required to address this issue.\n\n### Patches\n\nRefer to https://github.com/nautobot/nautobot/pull/4692 for the patch that resolved this issue.\n\n### Workarounds\n\nUpgrading to v2.0.3 or later, or applying the above patch, is the preferred workaround for this issue; while it could also be partially mitigated by updating permissions to deny user access to the above list of impacted REST API endpoints, that is not recommended as other endpoints may also expose this issue until patched.\n\n### References\n\nhttps://github.com/nautobot/nautobot/pull/4692\n",
"id": "GHSA-r2hw-74xv-4gqp",
"modified": "2024-10-07T15:09:56Z",
"published": "2023-10-24T19:25:24Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/nautobot/nautobot/security/advisories/GHSA-r2hw-74xv-4gqp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46128"
},
{
"type": "WEB",
"url": "https://github.com/nautobot/nautobot/pull/4692"
},
{
"type": "WEB",
"url": "https://github.com/nautobot/nautobot/commit/1ce8e5c658a075c29554d517cd453675e5d40d71"
},
{
"type": "PACKAGE",
"url": "https://github.com/nautobot/nautobot"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/nautobot/PYSEC-2023-220.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Nautobot vulnerable to exposure of hashed user passwords via REST API"
}
GHSA-R2PW-9CXH-M8MR
Vulnerability from github – Published: 2026-06-08 21:31 – Updated: 2026-06-08 21:31Improper access control in the ticketing integration settings in Devolutions Server allows an authenticated low-privileged user to obtain cleartext credentials for configured ticketing integrations via a crafted API request.
This issue affects :
- Devolutions Server 2026.2.4.0
- Devolutions Server 2026.1.20.0 and earlier
{
"affected": [],
"aliases": [
"CVE-2026-10786"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-08T19:16:34Z",
"severity": "MODERATE"
},
"details": "Improper access control in the ticketing integration settings in Devolutions Server allows an authenticated low-privileged user to obtain cleartext credentials for configured ticketing integrations via a crafted API request.\n\nThis issue affects :\n\n * Devolutions Server 2026.2.4.0\n * Devolutions Server 2026.1.20.0 and earlier",
"id": "GHSA-r2pw-9cxh-m8mr",
"modified": "2026-06-08T21:31:50Z",
"published": "2026-06-08T21:31:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10786"
},
{
"type": "WEB",
"url": "https://devolutions.net/security/advisories/DEVO-2026-0015"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R2RH-HPQM-RGJ8
Vulnerability from github – Published: 2022-12-02 00:30 – Updated: 2022-12-06 18:30IXPdata EasyInstall 6.6.14725 contains an access control issue.
{
"affected": [],
"aliases": [
"CVE-2022-35120"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-01T22:15:00Z",
"severity": "HIGH"
},
"details": "IXPdata EasyInstall 6.6.14725 contains an access control issue.",
"id": "GHSA-r2rh-hpqm-rgj8",
"modified": "2022-12-06T18:30:21Z",
"published": "2022-12-02T00:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35120"
},
{
"type": "WEB",
"url": "https://la.rsbir.ch/CVE-2022-35120.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R365-C863-WWVQ
Vulnerability from github – Published: 2022-05-13 01:50 – Updated: 2022-05-13 01:50An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information.
{
"affected": [],
"aliases": [
"CVE-2018-18641"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-04T23:29:00Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information.",
"id": "GHSA-r365-c863-wwvq",
"modified": "2022-05-13T01:50:43Z",
"published": "2022-05-13T01:50:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18641"
},
{
"type": "WEB",
"url": "https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released"
},
{
"type": "WEB",
"url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/51113"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R43R-P9MV-G2FW
Vulnerability from github – Published: 2024-12-05 15:31 – Updated: 2024-12-05 15:31This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to obtain Wi-Fi credentials of the targeted system.
{
"affected": [],
"aliases": [
"CVE-2024-54127"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-05T13:15:09Z",
"severity": "MODERATE"
},
"details": "This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to obtain Wi-Fi credentials of the targeted system.",
"id": "GHSA-r43r-p9mv-g2fw",
"modified": "2024-12-05T15:31:02Z",
"published": "2024-12-05T15:31:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54127"
},
{
"type": "WEB",
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2024-0354"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R4W6-45H7-R5JM
Vulnerability from github – Published: 2022-05-10 00:00 – Updated: 2022-05-18 00:00Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.
{
"affected": [],
"aliases": [
"CVE-2022-28162"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-09T17:15:00Z",
"severity": "LOW"
},
"details": "Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.",
"id": "GHSA-r4w6-45h7-r5jm",
"modified": "2022-05-18T00:00:32Z",
"published": "2022-05-10T00:00:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28162"
},
{
"type": "WEB",
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1841"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R55W-XPH5-XVX2
Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2024-10-23 18:25An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2015.8.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2016.3.0"
},
{
"fixed": "2016.11.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2016.11.7"
},
{
"fixed": "2016.11.10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2017.5.0"
},
{
"fixed": "2017.7.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2018.2.0"
},
{
"last_affected": "2018.3.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "2019.2.0"
},
{
"fixed": "2019.2.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "3000"
},
{
"fixed": "3000.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "3001"
},
{
"fixed": "3001.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "salt"
},
"ranges": [
{
"events": [
{
"introduced": "3002"
},
{
"fixed": "3002.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-25284"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-22T21:17:02Z",
"nvd_published_at": "2021-02-27T05:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in through SaltStack Salt before 3002.5. `salt.modules.cmdmod` can log credentials to the info or error log level.",
"id": "GHSA-r55w-xph5-xvx2",
"modified": "2024-10-23T18:25:59Z",
"published": "2022-05-24T17:43:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25284"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-5011"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202310-22"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202103-01"
},
{
"type": "WEB",
"url": "https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00009.html"
},
{
"type": "WEB",
"url": "https://github.com/saltstack/salt/releases"
},
{
"type": "WEB",
"url": "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.3.rst#L37"
},
{
"type": "WEB",
"url": "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.5.rst#L37"
},
{
"type": "WEB",
"url": "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.7.rst#L37"
},
{
"type": "PACKAGE",
"url": "https://github.com/saltstack/salt"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2021-53.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod "
}
GHSA-R62J-2RMF-5729
Vulnerability from github – Published: 2022-07-02 00:00 – Updated: 2022-07-09 00:00IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008.
{
"affected": [],
"aliases": [
"CVE-2022-22367"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-01T18:15:00Z",
"severity": "MODERATE"
},
"details": "IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008.",
"id": "GHSA-r62j-2rmf-5729",
"modified": "2022-07-09T00:00:23Z",
"published": "2022-07-02T00:00:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22367"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/221008"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6600067"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R6RM-754V-479J
Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2025-08-12 18:31IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 171823.
{
"affected": [],
"aliases": [
"CVE-2019-4687"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-13T18:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 171823.",
"id": "GHSA-r6rm-754v-479j",
"modified": "2025-08-12T18:31:16Z",
"published": "2022-05-24T17:38:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-4687"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/171823"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6403331"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R7CH-CWP4-RH7C
Vulnerability from github – Published: 2023-02-13 18:30 – Updated: 2023-02-25 03:30Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server.
{
"affected": [],
"aliases": [
"CVE-2022-3089"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-13T17:15:00Z",
"severity": "CRITICAL"
},
"details": "Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server.",
"id": "GHSA-r7ch-cwp4-rh7c",
"modified": "2023-02-25T03:30:16Z",
"published": "2023-02-13T18:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3089"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-037-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.