Common Weakness Enumeration
CWE-256
AllowedPlaintext Storage of a Password
Abstraction: Base · Status: Incomplete
The product stores a password in plaintext within resources such as memory or files.
397 vulnerabilities reference this CWE, most recent first.
CVE-2025-2500 (GCVE-0-2025-2500)
Vulnerability from cvelistv5 – Published: 2025-05-30 12:29 – Updated: 2025-05-30 13:22
VLAI
EPSS
VEX
Summary
A vulnerability exists in the SOAP Web services of the Asset
Suite versions listed below. If successfully exploited, an attacker
could gain unauthorized access to the product and the time window of a possible password attack could be expanded.
Severity
7.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi Energy | Asset Suite |
Affected:
9.6.4.4
Affected: 9.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T13:22:10.779733Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T13:22:19.268Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Asset Suite",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "9.6.4.4"
},
{
"status": "affected",
"version": "9.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in the SOAP Web services of the Asset \nSuite versions listed below. If successfully exploited, an attacker \ncould gain unauthorized access to the product and the time window of a possible password attack could be expanded."
}
],
"value": "A vulnerability exists in the SOAP Web services of the Asset \nSuite versions listed below. If successfully exploited, an attacker \ncould gain unauthorized access to the product and the time window of a possible password attack could be expanded."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T12:29:21.370Z",
"orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"shortName": "Hitachi Energy"
},
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000212\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"assignerShortName": "Hitachi Energy",
"cveId": "CVE-2025-2500",
"datePublished": "2025-05-30T12:29:21.370Z",
"dateReserved": "2025-03-18T14:54:10.957Z",
"dateUpdated": "2025-05-30T13:22:19.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2355 (GCVE-0-2025-2355)
Vulnerability from cvelistv5 – Published: 2025-03-17 00:31 – Updated: 2025-03-17 13:38
VLAI
EPSS
VEX
Title
BlackVue App API Endpoint credentials storage
Summary
A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCS_TOKEN/SECRET_KEY leads to unprotected storage of credentials. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.299822 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.299822 | signaturepermissions-required |
| https://vuldb.com/?submit.513351 | third-party-advisory |
| https://github.com/geo-chen/BlackVue/blob/main/RE… | exploit |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2355",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-17T13:38:08.727009Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T13:38:26.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"API Endpoint Handler"
],
"product": "App",
"vendor": "BlackVue",
"versions": [
{
"status": "affected",
"version": "3.65"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "geochen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCS_TOKEN/SECRET_KEY leads to unprotected storage of credentials. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in BlackVue App 3.65 f\u00fcr Android gefunden. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Komponente API Endpoint Handler. Mittels Manipulieren des Arguments BCS_TOKEN/SECRET_KEY mit unbekannten Daten kann eine unprotected storage of credentials-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "Unprotected Storage of Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-255",
"description": "Credentials Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T00:31:04.118Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-299822 | BlackVue App API Endpoint credentials storage",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.299822"
},
{
"name": "VDB-299822 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.299822"
},
{
"name": "Submit #513351 | BlackVue Dashcam APK v3.65 Plaintext Password in Configuration File",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.513351"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/geo-chen/BlackVue/blob/main/README.md#finding-2-hardcoded-secrets-exposed-in-plaintext"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-15T22:02:48.000Z",
"value": "VulDB entry last update"
}
],
"title": "BlackVue App API Endpoint credentials storage"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-2355",
"datePublished": "2025-03-17T00:31:04.118Z",
"dateReserved": "2025-03-15T20:57:41.942Z",
"dateUpdated": "2025-03-17T13:38:26.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1709 (GCVE-0-2025-1709)
Vulnerability from cvelistv5 – Published: 2025-07-03 11:20 – Updated: 2025-07-03 13:17
VLAI
EPSS
VEX
Title
CVE-2025-1709
Summary
Several credentials for the local PostgreSQL database are stored in plain text (partially base64 encoded).
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.endress.com | x_Endress+Hauser |
| https://sick.com/psirt | x_SICK PSIRT Security Advisories |
| https://www.cisa.gov/resources-tools/resources/ic… | x_ICS-CERT recommended practices on Industrial Security |
| https://www.first.org/cvss/calculator/3.1 | x_CVSS v3.1 Calculator |
| https://www.sick.com/.well-known/csaf/white/2025/… | x_The canonical URL. |
| https://www.sick.com/.well-known/csaf/white/2025/… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Endress+Hauser | Endress+Hauser MEAC300-FNADE4 |
Affected:
0 , ≤ <=0.16.0
(custom)
|
|
| Endress+Hauser | Endress+Hauser MEAC300-FNADE4 |
Unaffected:
>=0.17.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1709",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T12:59:53.849231Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T13:17:00.475Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Endress+Hauser MEAC300-FNADE4",
"vendor": "Endress+Hauser",
"versions": [
{
"lessThanOrEqual": "\u003c=0.16.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Endress+Hauser MEAC300-FNADE4",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "unaffected",
"version": "\u003e=0.17.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSeveral credentials for the local PostgreSQL database are stored in plain text (partially base64 encoded).\u003c/p\u003e"
}
],
"value": "Several credentials for the local PostgreSQL database are stored in plain text (partially base64 encoded)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T11:20:20.793Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_Endress+Hauser"
],
"url": "https://www.endress.com"
},
{
"tags": [
"x_SICK PSIRT Security Advisories"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"x_ICS-CERT recommended practices on Industrial Security"
],
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"tags": [
"x_CVSS v3.1 Calculator"
],
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"tags": [
"x_The canonical URL."
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.json"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCustomers are strongly advised to update to the newest version.\u003c/p\u003e"
}
],
"value": "Customers are strongly advised to update to the newest version."
}
],
"source": {
"advisory": "SCA-2025-0008",
"discovery": "INTERNAL"
},
"title": "CVE-2025-1709",
"x_generator": {
"engine": "csaf2cve 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2025-1709",
"datePublished": "2025-07-03T11:20:20.793Z",
"dateReserved": "2025-02-26T08:40:04.800Z",
"dateUpdated": "2025-07-03T13:17:00.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0936 (GCVE-0-2025-0936)
Vulnerability from cvelistv5 – Published: 2025-05-07 22:52 – Updated: 2025-05-08 13:02
VLAI
EPSS
VEX
Title
On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly
Summary
On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly on other remote accounting servers (i.e. TACACS, RADIUS, etc).
Severity
6.5 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Arista Networks | EOS |
Affected:
4.33.0 , ≤ 4.33.1
(custom)
Affected: 4.32.0 , ≤ 4.32.3M (custom) Affected: 4.31.0 , ≤ 4.31.5M (custom) Affected: 4.30.1F , ≤ 4.30.9M (custom) |
Date Public
2025-05-06 15:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0936",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T13:01:59.603974Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T13:02:27.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21394-security-advisory-0117"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EOS",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "4.33.1",
"status": "affected",
"version": "4.33.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.32.3M",
"status": "affected",
"version": "4.32.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.31.5M",
"status": "affected",
"version": "4.31.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.30.9M",
"status": "affected",
"version": "4.30.1F",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn order to be vulnerable to CVE-2025-0936, one or both of the following conditions must be met:\u003c/p\u003e\u003cul\u003e\u003cli\u003eOpenConfig must be enabled with a gNOI server with accounting enabled \u003c/li\u003e\u003cli\u003eOpenConfig must be enabled with a gNOI server with tracing enabled which includes any of:\u003cbr\u003e\u003cul\u003e\u003cli\u003eservice/9\u003c/li\u003e\u003cli\u003einterceptor/9 \u003c/li\u003e\u003cli\u003etransport_socketcli/9 \u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eIf OpenConfig is enabled with a gNOI server with accounting enabled, this will be shown in the following CLI output:\u003c/p\u003e\u003cpre\u003eswitch(config)#show management api gnmi\nTransport: default\nEnabled: \u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eyes\u003c/span\u003e\nServer: running on port 6030, in default VRF\nSSL profile: none\nQoS DSCP: none\nAuthorization required: no\nAccounting requests: \u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eyes\u003c/span\u003e\nNotification timestamp: last change time\nListen addresses: ::\nAuthentication username priority: x509-spiffe, metadata, x509-common-name\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eIf OpenConfig is not configured or OpenConfig is configured with no gNOI server, then there is no exposure to this issue and the message will look like.\u003c/p\u003e\u003cpre\u003eswitch(config)#show management api gnmi\nEnabled: \u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eno transports enabled\u003c/span\u003e\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eTo see the tracing enabled for OpenConfig, run:\u003c/p\u003e\u003cpre\u003eswitch(config)#show running-config section trace | grep OpenConfig\ntrace OpenConfig setting \u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eservice/9,interceptor/9,transport_socketcli/9\u003c/span\u003e\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eNote: gRPC-based streaming via TerminAttr to CloudVision is not affected by this vulnerability.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "In order to be vulnerable to CVE-2025-0936, one or both of the following conditions must be met:\n\n * OpenConfig must be enabled with a gNOI server with accounting enabled \n * OpenConfig must be enabled with a gNOI server with tracing enabled which includes any of:\n * service/9\n * interceptor/9 \n * transport_socketcli/9 \n\n\n\n\n\nIf OpenConfig is enabled with a gNOI server with accounting enabled, this will be shown in the following CLI output:\n\nswitch(config)#show management api gnmi\nTransport: default\nEnabled: yes\nServer: running on port 6030, in default VRF\nSSL profile: none\nQoS DSCP: none\nAuthorization required: no\nAccounting requests: yes\nNotification timestamp: last change time\nListen addresses: ::\nAuthentication username priority: x509-spiffe, metadata, x509-common-name\n\n\n\u00a0\n\nIf OpenConfig is not configured or OpenConfig is configured with no gNOI server, then there is no exposure to this issue and the message will look like.\n\nswitch(config)#show management api gnmi\nEnabled: no transports enabled\n\n\n\u00a0\n\nTo see the tracing enabled for OpenConfig, run:\n\nswitch(config)#show running-config section trace | grep OpenConfig\ntrace OpenConfig setting service/9,interceptor/9,transport_socketcli/9\n\n\n\u00a0\n\nNote: gRPC-based streaming via TerminAttr to CloudVision is not affected by this vulnerability."
}
],
"datePublic": "2025-05-06T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOn affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly on other remote accounting servers (i.e. TACACS, RADIUS, etc).\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly on other remote accounting servers (i.e. TACACS, RADIUS, etc)."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T22:52:25.444Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21394-security-advisory-0117"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003eCVE-2025-0936 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e4.30.10M and later releases in the 4.30.x train\u003c/li\u003e\u003cli\u003e4.31.7M and later releases in the 4.31.x train\u003c/li\u003e\u003cli\u003e4.32.5M and later releases in the 4.32.x train\u003c/li\u003e\u003cli\u003e4.33.2F and later releases\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\nCVE-2025-0936 has been fixed in the following releases:\n\n * 4.30.10M and later releases in the 4.30.x train\n * 4.31.7M and later releases in the 4.31.x train\n * 4.32.5M and later releases in the 4.32.x train\n * 4.33.2F and later releases"
}
],
"source": {
"defect": [
"BUG 1045796"
],
"discovery": "INTERNAL"
},
"title": "On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are a number of possible workarounds:\u003c/p\u003e\u003ch4\u003eOption 1 - disable accounting/logging for the OpenConfig transport\u003c/h4\u003e\u003cp\u003eFor example to disable accounting for transport named \u201cdefault\u201d:\u003c/p\u003e\u003cpre\u003eswitch(config)#management api gnmi\nswitch(config-mgmt-api-gnmi)#transport grpc default\nswitch(config-gnmi-transport-default)#\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eno accounting requests\u003c/span\u003e\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eto disable logging for the OpenConfig agent, run:\u003c/p\u003e\u003cpre\u003eswitch(config)#no trace OpenConfig setting\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003ch4\u003eOption 2 - disable the gNOI File service entirely\u003c/h4\u003e\u003cp\u003eTo disable the gNOI File service, override the OCGNOIFileToggle, then restart OpenConfig to load the changes\u003c/p\u003e\u003cpre\u003eswitch#bash timeout 100 echo \"OCGNOIFileToggle=0\" \u0026gt;\u0026gt; /mnt/flash/toggle_override\nswitch#agent OpenConfig terminate \n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eDisabling the gNOI File service will mean that gNOI clients will no longer be able to call any gNOI File RPCs\u003c/p\u003e\u003ch4\u003eOption 3 - block the TransferToRemote RPC using gNSI Authz\u003c/h4\u003e\u003cp\u003eFor releases with gNSI Authz (EOS 4.31.0F and later releases), the TransferToRemote RPC can be blocked using gNSI Authz.\u003c/p\u003e\u003cp\u003eFirst enable gNSI Authz service by adding the following config:\u003c/p\u003e\u003cpre\u003eswitch(config)#management api gnsi\nswitch(config-mgmt-api-gnsi)#service authz\n\u003c/pre\u003e\u003cp\u003eWhere [NAME] is the name of the running gNMI transport\u003c/p\u003e\u003cp\u003eAdding this config will cause the named gNMI transport to reload.\u003c/p\u003e\u003cp\u003eNext update the authz policy to block access to the TransferToRemote RPC. This can be done directly on the system by updating the Authz policy file and waiting at least 10 seconds for OpenConfig to reload the changes:\u003c/p\u003e\u003cpre\u003eswitch#bash timeout 100 echo \"{\\\"name\\\":\\\"block gNOI TransferToRemote policy\\\",\\\"allow_rules\\\":[{\\\"name\\\":\\\"allow_all\\\"}],\\\"deny_rules\\\":[{\\\"name\\\":\\\"no-one-can-use-gnoi-transfer-to-remote\\\",\\\"request\\\":{\\\"paths\\\":[\\\"/gnoi.file.File/TransferToRemote\\\"]}}]}\" | sudo tee /persist/sys/gnsi/authz/policy.json \u0026amp;\u0026amp; sleep 11\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eThis will cause attempts to run the TransferToRemote RPC to fail with a \u201cPermissionDenied\u201d error code.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "There are a number of possible workarounds:\n\nOption 1 - disable accounting/logging for the OpenConfig transportFor example to disable accounting for transport named \u201cdefault\u201d:\n\nswitch(config)#management api gnmi\nswitch(config-mgmt-api-gnmi)#transport grpc default\nswitch(config-gnmi-transport-default)#no accounting requests\n\n\n\u00a0\n\nto disable logging for the OpenConfig agent, run:\n\nswitch(config)#no trace OpenConfig setting\n\n\n\u00a0\n\nOption 2 - disable the gNOI File service entirelyTo disable the gNOI File service, override the OCGNOIFileToggle, then restart OpenConfig to load the changes\n\nswitch#bash timeout 100 echo \"OCGNOIFileToggle=0\" \u003e\u003e /mnt/flash/toggle_override\nswitch#agent OpenConfig terminate \n\n\n\u00a0\n\nDisabling the gNOI File service will mean that gNOI clients will no longer be able to call any gNOI File RPCs\n\nOption 3 - block the TransferToRemote RPC using gNSI AuthzFor releases with gNSI Authz (EOS 4.31.0F and later releases), the TransferToRemote RPC can be blocked using gNSI Authz.\n\nFirst enable gNSI Authz service by adding the following config:\n\nswitch(config)#management api gnsi\nswitch(config-mgmt-api-gnsi)#service authz\n\n\nWhere [NAME] is the name of the running gNMI transport\n\nAdding this config will cause the named gNMI transport to reload.\n\nNext update the authz policy to block access to the TransferToRemote RPC. This can be done directly on the system by updating the Authz policy file and waiting at least 10 seconds for OpenConfig to reload the changes:\n\nswitch#bash timeout 100 echo \"{\\\"name\\\":\\\"block gNOI TransferToRemote policy\\\",\\\"allow_rules\\\":[{\\\"name\\\":\\\"allow_all\\\"}],\\\"deny_rules\\\":[{\\\"name\\\":\\\"no-one-can-use-gnoi-transfer-to-remote\\\",\\\"request\\\":{\\\"paths\\\":[\\\"/gnoi.file.File/TransferToRemote\\\"]}}]}\" | sudo tee /persist/sys/gnsi/authz/policy.json \u0026\u0026 sleep 11\n\n\n\u00a0\n\nThis will cause attempts to run the TransferToRemote RPC to fail with a \u201cPermissionDenied\u201d error code."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2025-0936",
"datePublished": "2025-05-07T22:52:25.444Z",
"dateReserved": "2025-01-31T17:18:43.715Z",
"dateUpdated": "2025-05-08T13:02:27.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53292 (GCVE-0-2024-53292)
Vulnerability from cvelistv5 – Published: 2024-12-11 07:55 – Updated: 2024-12-11 15:09
VLAI
EPSS
VEX
Summary
Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. A local high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable component with privileges of the compromised account.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00025896… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | Dell VxRail HCI |
Affected:
N/A , < x.40.405
(semver)
|
Date Public
2024-12-10 18:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53292",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T15:09:16.727089Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T15:09:35.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dell VxRail HCI",
"vendor": "Dell",
"versions": [
{
"lessThan": "x.40.405",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-12-10T18:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. A local high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable component with privileges of the compromised account."
}
],
"value": "Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. A local high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable component with privileges of the compromised account."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256: Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T07:55:24.383Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000258964/dsa-2024-492-security-update-dell-vxverify-on-vxrail-plaintext-password-storage-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-53292",
"datePublished": "2024-12-11T07:55:24.383Z",
"dateReserved": "2024-11-20T06:05:04.566Z",
"dateUpdated": "2024-12-11T15:09:35.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52361 (GCVE-0-2024-52361)
Vulnerability from cvelistv5 – Published: 2024-12-18 15:26 – Updated: 2024-12-18 15:58
VLAI
EPSS
VEX
Title
IBM Storage Defender - Resiliency Service information disclosure
Summary
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
stores user credentials in plain text which can be read by an authenticated user with access to the pod.
Severity
5.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7178587 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Storage Defender - Resiliency Service |
Affected:
2.0.0 , ≤ 2.0.9
(semver)
cpe:2.3:a:ibm:storage_defender_resiliency_service:2.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:storage_defender_resiliency_service:2.0.9:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-18T15:58:25.641492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T15:58:37.023Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:storage_defender_resiliency_service:2.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:storage_defender_resiliency_service:2.0.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Storage Defender - Resiliency Service",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "2.0.9",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;stores user credentials in plain text which can be read by an authenticated user with access to the pod.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 \n\n\n\n\u00a0stores user credentials in plain text which can be read by an authenticated user with access to the pod."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T15:26:43.535Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7178587"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Storage Defender - Resiliency Service information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-52361",
"datePublished": "2024-12-18T15:26:43.535Z",
"dateReserved": "2024-11-10T16:11:09.566Z",
"dateUpdated": "2024-12-18T15:58:37.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49370 (GCVE-0-2024-49370)
Vulnerability from cvelistv5 – Published: 2024-10-23 15:10 – Updated: 2024-10-23 17:29
VLAI
EPSS
VEX
Title
Change-Password via Portal-Profile sets PimcoreBackendUser password without hashing
Summary
Pimcore is an open source data and experience management platform. When a PortalUserObject is connected to a PimcoreUser and "Use Pimcore Backend Password" is set to true, the change password function in Portal Profile sets the new password. Prior to Pimcore portal engine versions 4.1.7 and 3.1.16, the password is then set without hashing so it can be read by everyone. Everyone who combines PortalUser to PimcoreUsers and change passwords via profile settings could be affected. Versions 4.1.7 and 3.1.16 of the Pimcore portal engine fix the issue.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/pimcore/pimcore/security/advis… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pimcore:pimcore:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pimcore",
"vendor": "pimcore",
"versions": [
{
"lessThan": "3.1.16",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.1.7",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49370",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T17:24:31.062435Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T17:29:27.020Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "pimcore",
"vendor": "pimcore",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.16"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.1.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Pimcore is an open source data and experience management platform. When a PortalUserObject is connected to a PimcoreUser and \"Use Pimcore Backend Password\" is set to true, the change password function in Portal Profile sets the new password. Prior to Pimcore portal engine versions 4.1.7 and 3.1.16, the password is then set without hashing so it can be read by everyone. Everyone who combines PortalUser to PimcoreUsers and change passwords via profile settings could be affected. Versions 4.1.7 and 3.1.16 of the Pimcore portal engine fix the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256: Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T15:10:34.393Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pimcore/pimcore/security/advisories/GHSA-74p5-77rq-gfqc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-74p5-77rq-gfqc"
}
],
"source": {
"advisory": "GHSA-74p5-77rq-gfqc",
"discovery": "UNKNOWN"
},
"title": "Change-Password via Portal-Profile sets PimcoreBackendUser password without hashing"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-49370",
"datePublished": "2024-10-23T15:10:34.393Z",
"dateReserved": "2024-10-14T13:56:34.811Z",
"dateUpdated": "2024-10-23T17:29:27.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49351 (GCVE-0-2024-49351)
Vulnerability from cvelistv5 – Published: 2024-11-26 03:11 – Updated: 2024-11-26 15:42
VLAI
EPSS
VEX
Title
IBM Workload Scheduler information disclosure
Summary
IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Workload Scheduler |
Affected:
9.5, 10.1, 10.2
cpe:2.3:a:ibm:tivoli_workload_scheduler:9.5:*:*:*:*:*:*:* cpe:2.3:a:ibm:tivoli_workload_scheduler:10.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:tivoli_workload_scheduler:10.2:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49351",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T15:42:09.115956Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T15:42:29.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:tivoli_workload_scheduler:9.5:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:tivoli_workload_scheduler:10.1:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:tivoli_workload_scheduler:10.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Workload Scheduler",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.5, 10.1, 10.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user."
}
],
"value": "IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T03:11:52.593Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7177061"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Workload Scheduler information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-49351",
"datePublished": "2024-11-26T03:11:52.593Z",
"dateReserved": "2024-10-14T12:05:24.914Z",
"dateUpdated": "2024-11-26T15:42:29.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45638 (GCVE-0-2024-45638)
Vulnerability from cvelistv5 – Published: 2025-03-14 14:49 – Updated: 2025-09-01 01:05
VLAI
EPSS
VEX
Title
IBM QRadar EDR information disclosure
Summary
IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user.
Severity
4.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7185938 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | QRadar EDR |
Affected:
3.12
cpe:2.3:a:ibm:security_qradar_edr:3.12:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45638",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-14T18:41:27.680123Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T18:50:23.821Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:security_qradar_edr:3.12:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "QRadar EDR",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user."
}
],
"value": "IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-01T01:05:22.574Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7185938"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM QRadar EDR information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-45638",
"datePublished": "2025-03-14T14:49:52.646Z",
"dateReserved": "2024-09-03T13:50:17.059Z",
"dateUpdated": "2025-09-01T01:05:22.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45636 (GCVE-0-2024-45636)
Vulnerability from cvelistv5 – Published: 2026-06-11 15:10 – Updated: 2026-06-11 15:41
VLAI
EPSS
VEX
Title
IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.
Summary
IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.
Severity
4.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7274828 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Security QRadar EDR |
Affected:
3.12.0 , ≤ 3.12.24
(semver)
cpe:2.3:a:ibm:security_qradar_edr:3.12:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_qradar_edr:3.12.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:security_qradar_edr:3.12.24:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45636",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T15:41:43.602422Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T15:41:51.536Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:security_qradar_edr:3.12:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:security_qradar_edr:3.12.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:security_qradar_edr:3.12.24:*:*:*:*:*:*:*"
],
"product": "Security QRadar EDR",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "3.12.24",
"status": "affected",
"version": "3.12.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.\u003c/p\u003e"
}
],
"value": "IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T15:10:38.269Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7274828"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM encourages customers to update their systems promptly.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eProduct\u003c/td\u003e\u003ctd\u003eFix version\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Security QRadar EDR\u003c/td\u003e\u003ctd\u003e3.12.25\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe IBM Security QRadar EDR operator can be upgraded automatically when new compatible versions are available. However, you can control whether an operator is upgraded automatically by setting an approval strategy.\u003c/p\u003e\u003cdiv\u003e\u003cp\u003eTwo approval strategies are available:\u003c/p\u003e\u003cul\u003e\u003cli\u003eAutomatic (default) - New operator versions are installed automatically when they are available on the subscription channel.\u003c/li\u003e\u003cli\u003eManual - When a new operator version is available on the subscription channel, the subscription indicates that an update is available, but you must approve the update manually.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor more information about the manual installation process, view\u0026nbsp;\u003ca href=\"https://www.ibm.com/docs/en/security-qradar-edr/3.12?topic=overview-whats-new-changed\" rel=\"noopener noreferrer nofollow\"\u003eInstalling QRadar EDR\u003c/a\u003e\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "IBM encourages customers to update their systems promptly.\n\nProductFix versionIBM Security QRadar EDR3.12.25\n\n\n\n\n\n\n\nThe IBM Security QRadar EDR operator can be upgraded automatically when new compatible versions are available. However, you can control whether an operator is upgraded automatically by setting an approval strategy.\n\n\n\nTwo approval strategies are available:\n\n * Automatic (default) - New operator versions are installed automatically when they are available on the subscription channel.\n * Manual - When a new operator version is available on the subscription channel, the subscription indicates that an update is available, but you must approve the update manually.\n\n\n\n\nFor more information about the manual installation process, view\u00a0 Installing QRadar EDR https://www.ibm.com/docs/en/security-qradar-edr/3.12"
}
],
"title": "IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-45636",
"datePublished": "2026-06-11T15:10:38.269Z",
"dateReserved": "2024-09-03T13:49:55.577Z",
"dateUpdated": "2026-06-11T15:41:51.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Architecture and Design
Avoid storing passwords in easily accessible locations.
Mitigation
Architecture and Design
Consider storing cryptographic hashes of passwords as an alternative to storing in plaintext.
Mitigation
A programmer might attempt to remedy the password management problem by obscuring the password with an encoding function, such as base 64 encoding, but this effort does not adequately protect the password because the encoding can be detected and decoded easily.
No CAPEC attack patterns related to this CWE.