CWE-256
AllowedPlaintext Storage of a Password
Abstraction: Base · Status: Incomplete
The product stores a password in plaintext within resources such as memory or files.
397 vulnerabilities reference this CWE, most recent first.
GHSA-3MGG-3HQG-JJQ6
Vulnerability from github – Published: 2024-12-18 18:30 – Updated: 2024-12-18 18:30IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.
{
"affected": [],
"aliases": [
"CVE-2023-50956"
],
"database_specific": {
"cwe_ids": [
"CWE-256"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-18T16:15:10Z",
"severity": "MODERATE"
},
"details": "IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 \n\ncould allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.",
"id": "GHSA-3mgg-3hqg-jjq6",
"modified": "2024-12-18T18:30:52Z",
"published": "2024-12-18T18:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50956"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7178587"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-3PMF-5HR9-R9R6
Vulnerability from github – Published: 2025-02-27 21:32 – Updated: 2025-02-28 18:31Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to store passwords in plaintext.
{
"affected": [],
"aliases": [
"CVE-2024-41336"
],
"database_specific": {
"cwe_ids": [
"CWE-256"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-27T21:15:36Z",
"severity": "HIGH"
},
"details": "Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to store passwords in plaintext.",
"id": "GHSA-3pmf-5hr9-r9r6",
"modified": "2025-02-28T18:31:01Z",
"published": "2025-02-27T21:32:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41336"
},
{
"type": "WEB",
"url": "https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946"
},
{
"type": "WEB",
"url": "http://draytek.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-3RCX-PWRP-RJR2
Vulnerability from github – Published: 2024-06-14 15:31 – Updated: 2024-08-01 15:31LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware.
{
"affected": [],
"aliases": [
"CVE-2024-33375"
],
"database_specific": {
"cwe_ids": [
"CWE-256"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-14T15:15:50Z",
"severity": "CRITICAL"
},
"details": "LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router\u0027s firmware.",
"id": "GHSA-3rcx-pwrp-rjr2",
"modified": "2024-08-01T15:31:49Z",
"published": "2024-06-14T15:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33375"
},
{
"type": "WEB",
"url": "https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Credentials-Stored-in-Cleartext--%7C--Unencrypted-Credentials-%28CVE%E2%80%902024%E2%80%9033375%29"
},
{
"type": "WEB",
"url": "https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-lb-link-bl-w1210m-router"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-3WFW-CF7H-38C7
Vulnerability from github – Published: 2024-09-11 18:31 – Updated: 2024-09-11 18:31A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials.
This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials.
{
"affected": [],
"aliases": [
"CVE-2024-20489"
],
"database_specific": {
"cwe_ids": [
"CWE-256",
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-11T17:15:13Z",
"severity": "HIGH"
},
"details": "A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials.\n\nThis vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials.",
"id": "GHSA-3wfw-cf7h-38c7",
"modified": "2024-09-11T18:31:08Z",
"published": "2024-09-11T18:31:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20489"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ponctlr-ci-OHcHmsFL"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4777-JJJG-6MXH
Vulnerability from github – Published: 2025-05-27 03:30 – Updated: 2025-05-27 03:30IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code.
{
"affected": [],
"aliases": [
"CVE-2025-33079"
],
"database_specific": {
"cwe_ids": [
"CWE-256",
"CWE-522"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-27T02:15:19Z",
"severity": "MODERATE"
},
"details": "IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code.",
"id": "GHSA-4777-jjjg-6mxh",
"modified": "2025-05-27T03:30:24Z",
"published": "2025-05-27T03:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33079"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7234720"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-485Q-V457-3P58
Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-12-22 13:49Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:mailcommander"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.0.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-2318"
],
"database_specific": {
"cwe_ids": [
"CWE-256",
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2022-12-22T13:49:20Z",
"nvd_published_at": "2020-11-04T15:15:00Z",
"severity": "MODERATE"
},
"details": "Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.",
"id": "GHSA-485q-v457-3p58",
"modified": "2022-12-22T13:49:20Z",
"published": "2022-05-24T17:33:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2318"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/mail-commander-plugin"
},
{
"type": "WEB",
"url": "https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2085"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin"
}
GHSA-4CPQ-X93Q-3PX9
Vulnerability from github – Published: 2024-04-25 18:30 – Updated: 2024-04-25 18:30A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay's database.
{
"affected": [],
"aliases": [
"CVE-2024-3624"
],
"database_specific": {
"cwe_ids": [
"CWE-256"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-25T18:15:10Z",
"severity": "HIGH"
},
"details": "A flaw was found in how Quay\u0027s database is stored in plain-text in mirror-registry on the jinja\u0027s config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay\u0027s database.",
"id": "GHSA-4cpq-x93q-3px9",
"modified": "2024-04-25T18:30:40Z",
"published": "2024-04-25T18:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3624"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-3624"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274407"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4H2J-P4RJ-JR68
Vulnerability from github – Published: 2024-06-14 06:34 – Updated: 2024-07-04 06:35Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference URL.
{
"affected": [],
"aliases": [
"CVE-2024-27166"
],
"database_specific": {
"cwe_ids": [
"CWE-256"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-14T04:15:34Z",
"severity": "HIGH"
},
"details": "Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference URL.",
"id": "GHSA-4h2j-p4rj-jr68",
"modified": "2024-07-04T06:35:04Z",
"published": "2024-06-14T06:34:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27166"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU97136265/index.html"
},
{
"type": "WEB",
"url": "https://www.toshibatec.com/information/20240531_01.html"
},
{
"type": "WEB",
"url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Jul/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4J9M-H44M-2HV8
Vulnerability from github – Published: 2026-07-02 20:32 – Updated: 2026-07-02 20:32Summary
Configuring encrypt:rsa:algorithm=OAEP does not enable OAEP encryption. Due to an incorrect BouncyCastle transformation string, the OAEP setting selects PKCS#1 v1.5, which is the same algorithm as the DEFAULT setting.
Impact
Operators who configure encrypt:rsa:algorithm=OAEP to obtain CCA2-secure padding receive PKCS#1 v1.5 instead. Currently, Decrypt() is called only against operator-controlled configuration data, so no exploitable path exists, but any future code path that exposes a decryption oracle would be Bleichenbacher-vulnerable despite the OAEP setting.
Migration note
Existing {cipher} values produced under the broken OAEP setting were encrypted with PKCS#1 v1.5. The fix makes OAEP use actual OAEP padding, so those values will fail to decrypt after upgrading. Re-encrypt all affected {cipher} values after upgrading.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.1.0"
},
"package": {
"ecosystem": "NuGet",
"name": "Steeltoe.Configuration.Encryption"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-50268"
],
"database_specific": {
"cwe_ids": [
"CWE-256",
"CWE-327"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-02T20:32:21Z",
"nvd_published_at": "2026-06-17T23:17:04Z",
"severity": "LOW"
},
"details": "### Summary\n\nConfiguring `encrypt:rsa:algorithm=OAEP` does not enable OAEP encryption. Due to an incorrect BouncyCastle transformation string, the `OAEP` setting selects PKCS#1 v1.5, which is the same algorithm as the `DEFAULT` setting.\n\n### Impact\n\nOperators who configure `encrypt:rsa:algorithm=OAEP` to obtain CCA2-secure padding receive PKCS#1 v1.5 instead. Currently, `Decrypt()` is called only against operator-controlled configuration data, so no exploitable path exists, but any future code path that exposes a decryption oracle would be Bleichenbacher-vulnerable despite the `OAEP` setting.\n\n### Migration note\n\nExisting `{cipher}` values produced under the broken `OAEP` setting were encrypted with PKCS#1 v1.5. The fix makes `OAEP` use actual OAEP padding, so those values will fail to decrypt after upgrading. Re-encrypt all affected `{cipher}` values after upgrading.",
"id": "GHSA-4j9m-h44m-2hv8",
"modified": "2026-07-02T20:32:21Z",
"published": "2026-07-02T20:32:21Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/SteeltoeOSS/security-advisories/security/advisories/GHSA-4j9m-h44m-2hv8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50268"
},
{
"type": "WEB",
"url": "https://github.com/SteeltoeOSS/Steeltoe/commit/6cfee5cccddf8f9a31de69b0ca5ccdd771b73e5b"
},
{
"type": "PACKAGE",
"url": "https://github.com/SteeltoeOSS/security-advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Steeltoe: OAEP setting silently selects PKCS#1 v1.5 padding"
}
GHSA-4V4V-92CX-X4F4
Vulnerability from github – Published: 2025-07-09 18:30 – Updated: 2025-11-05 20:13Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.plugins:nouvola-divecloud"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.08"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-53671"
],
"database_specific": {
"cwe_ids": [
"CWE-256"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-09T21:45:25Z",
"nvd_published_at": "2025-07-09T16:15:26Z",
"severity": "MODERATE"
},
"details": "Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.",
"id": "GHSA-4v4v-92cx-x4f4",
"modified": "2025-11-05T20:13:01Z",
"published": "2025-07-09T18:30:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53671"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/nouvola-divecloud-plugin"
},
{
"type": "WEB",
"url": "https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3526"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/07/09/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Jenkins Nouvola DiveCloud Plugin vulnerability does not mask keys on its job configuration form"
}
Mitigation
Avoid storing passwords in easily accessible locations.
Mitigation
Consider storing cryptographic hashes of passwords as an alternative to storing in plaintext.
Mitigation
A programmer might attempt to remedy the password management problem by obscuring the password with an encoding function, such as base 64 encoding, but this effort does not adequately protect the password because the encoding can be detected and decoded easily.
No CAPEC attack patterns related to this CWE.