Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-RRHC-MQV4-797F

Vulnerability from github – Published: 2025-11-27 06:31 – Updated: 2025-12-08 06:30
VLAI
Details

Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using disclosed credential information, and obtain or modify project information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3784"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-27T05:16:15Z",
    "severity": "MODERATE"
  },
  "details": "Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using disclosed credential information, and obtain or modify project information.",
  "id": "GHSA-rrhc-mqv4-797f",
  "modified": "2025-12-08T06:30:20Z",
  "published": "2025-11-27T06:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3784"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU95288056"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-338-01"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/psirt/vulnerability/pdf/2025-016_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RRQP-268P-3CF3

Vulnerability from github – Published: 2022-02-16 00:01 – Updated: 2022-02-24 00:01
VLAI
Details

NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, allowing them to gain escalated privileges, resulting in limited impact to both confidentiality and integrity.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-21818"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-15T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users\u2019 credentials, allowing them to gain escalated privileges, resulting in limited impact to both confidentiality and integrity.",
  "id": "GHSA-rrqp-268p-3cf3",
  "modified": "2022-02-24T00:01:11Z",
  "published": "2022-02-16T00:01:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21818"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5319"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-RRWM-2VXQ-5X2H

Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2024-06-03 18:53
VLAI
Details

A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy’s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database. An attacker who manages to get access to the exported backup file can exploit the vulnerability and obtain credentials of the IEDs. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-2513"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-22T11:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database. An attacker who manages to get access to the exported backup file can exploit the vulnerability and obtain credentials of the IEDs. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs.",
  "id": "GHSA-rrwm-2vxq-5x2h",
  "modified": "2024-06-03T18:53:43Z",
  "published": "2023-07-06T19:24:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2513"
    },
    {
      "type": "WEB",
      "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RRX9-X9WF-G3VH

Vulnerability from github – Published: 2023-09-27 15:30 – Updated: 2023-09-27 15:30
VLAI
Details

Sensitive information disclosure due to cleartext storage of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-44159"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-27T15:19:38Z",
    "severity": "MODERATE"
  },
  "details": "Sensitive information disclosure due to cleartext storage of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.",
  "id": "GHSA-rrx9-x9wf-g3vh",
  "modified": "2023-09-27T15:30:39Z",
  "published": "2023-09-27T15:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44159"
    },
    {
      "type": "WEB",
      "url": "https://security-advisory.acronis.com/advisories/SEC-5787"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RV2R-WGV2-J88M

Vulnerability from github – Published: 2025-06-28 18:32 – Updated: 2025-06-28 18:32
VLAI
Details

The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner's contact data. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-28912"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-28T16:15:23Z",
    "severity": "MODERATE"
  },
  "details": "The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner\u0027s contact data.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.",
  "id": "GHSA-rv2r-wgv2-j88m",
  "modified": "2025-06-28T18:32:37Z",
  "published": "2025-06-28T18:32:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28912"
    },
    {
      "type": "WEB",
      "url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2"
    },
    {
      "type": "WEB",
      "url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf"
    },
    {
      "type": "WEB",
      "url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RV83-H68Q-C4WQ

Vulnerability from github – Published: 2024-12-19 21:31 – Updated: 2025-01-02 21:52
VLAI
Summary
GoPhish sends cleartext passwords
Details

Insufficiently Protected Credentials in the Mail Server Configuration in GoPhish v0.12.1 allows an attacker to access cleartext passwords for the configured IMAP and SMTP servers.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/gophish/gophish"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.12.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-55196"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-01-02T21:52:39Z",
    "nvd_published_at": "2024-12-19T19:15:07Z",
    "severity": "HIGH"
  },
  "details": "Insufficiently Protected Credentials in the Mail Server Configuration in GoPhish v0.12.1 allows an attacker to access cleartext passwords for the configured IMAP and SMTP servers.",
  "id": "GHSA-rv83-h68q-c4wq",
  "modified": "2025-01-02T21:52:39Z",
  "published": "2024-12-19T21:31:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55196"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/gophish/gophish"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hexkaster/SecurityResearch/blob/main/CVE-2024-55196.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "GoPhish sends cleartext passwords"
}

GHSA-RWRF-7JJ9-G4CP

Vulnerability from github – Published: 2023-05-31 00:31 – Updated: 2024-04-04 04:24
VLAI
Details

An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from localhost. Attackers with physical access to the Teacher Console can open a web browser, navigate to the affected endpoint and obtain the teacher's password. This enables them to log into the Teacher Console and begin trivially attacking student machines.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-28345"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-31T00:15:09Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher\u0027s Console password in cleartext via an API endpoint accessible from localhost. Attackers with physical access to the Teacher Console can open a web browser, navigate to the affected endpoint and obtain the teacher\u0027s password. This enables them to log into the Teacher Console and begin trivially attacking student machines.",
  "id": "GHSA-rwrf-7jj9-g4cp",
  "modified": "2024-04-04T04:24:33Z",
  "published": "2023-05-31T00:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28345"
    },
    {
      "type": "WEB",
      "url": "https://research.nccgroup.com/2023/05/30/technical-advisory-multiple-vulnerabilities-in-faronics-insight"
    },
    {
      "type": "WEB",
      "url": "https://research.nccgroup.com/?research=Technical%20advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RWRJ-7C92-9HMP

Vulnerability from github – Published: 2024-07-16 18:31 – Updated: 2024-09-10 18:30
VLAI
Details

An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext stored passwords in /data/config.text with simple XORs. This affects EG-2000SE EG_RGOS 11.1(1)B1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-16638"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-16T17:15:10Z",
    "severity": "HIGH"
  },
  "details": "An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext stored passwords in /data/config.text with simple XORs. This affects EG-2000SE EG_RGOS 11.1(1)B1.",
  "id": "GHSA-rwrj-7c92-9hmp",
  "modified": "2024-09-10T18:30:42Z",
  "published": "2024-07-16T18:31:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16638"
    },
    {
      "type": "WEB",
      "url": "https://0x.mk/?p=239"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RX4J-X3FH-9QWG

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2023-09-25 19:36
VLAI
Summary
Centreon Sensitive Data Exposure
Details

In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.8.29"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "centreon/centreon"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.30"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-17106"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-17T22:12:18Z",
    "nvd_published_at": "2019-10-08T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In Centreon Web through 2.8.29, disclosure of external components\u0027 passwords allows authenticated attackers to move laterally to external components.",
  "id": "GHSA-rx4j-x3fh-9qwg",
  "modified": "2023-09-25T19:36:16Z",
  "published": "2022-05-24T16:58:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17106"
    },
    {
      "type": "WEB",
      "url": "https://github.com/centreon/centreon-archived/issues/7098"
    },
    {
      "type": "WEB",
      "url": "https://github.com/centreon/centreon-archived/pull/9311"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/centreon/centreon-archived"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2019/10/08/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Centreon Sensitive Data Exposure"
}

GHSA-RX76-XW35-6RH8

Vulnerability from github – Published: 2023-01-31 12:30 – Updated: 2023-02-07 21:16
VLAI
Summary
Apache Linkis vulnerable to Exposure of Sensitive Information
Details

In Apache Linkis <=1.3.0 when used with the MySQL Connector/J, an authenticated attacker could read arbitrary local file by connecting a rogue mysql server, By adding allowLoadLocalInfile to true in the jdbc parameter. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.1

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.linkis:linkis"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.3.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-44644"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-200",
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-02T00:09:07Z",
    "nvd_published_at": "2023-01-31T10:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In Apache Linkis \u003c=1.3.0 when used with the MySQL Connector/J, an authenticated attacker could read arbitrary local file by connecting a rogue mysql server, By adding allowLoadLocalInfile to true in the jdbc parameter. Therefore, the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis \u003c= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.1",
  "id": "GHSA-rx76-xw35-6rh8",
  "modified": "2023-02-07T21:16:30Z",
  "published": "2023-01-31T12:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-44644"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/linkis"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Linkis vulnerable to Exposure of Sensitive Information"
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.