CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-VMPM-J7PR-PXXH
Vulnerability from github – Published: 2022-03-17 00:00 – Updated: 2022-03-29 00:01SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials.
{
"affected": [],
"aliases": [
"CVE-2022-23234"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-16T15:15:00Z",
"severity": "MODERATE"
},
"details": "SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials.",
"id": "GHSA-vmpm-j7pr-pxxh",
"modified": "2022-03-29T00:01:39Z",
"published": "2022-03-17T00:00:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23234"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220228-0001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VPP2-J4X9-VP5C
Vulnerability from github – Published: 2022-05-24 16:50 – Updated: 2024-04-04 01:19TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and places them in insecure storage. An attacker can read and reuse the user keystore of a valid user via /data/data/com.tronlink.wallet/shared_prefs/.xml to gain unauthorized access.
{
"affected": [],
"aliases": [
"CVE-2019-13096"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-22T17:15:00Z",
"severity": "CRITICAL"
},
"details": "TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and places them in insecure storage. An attacker can read and reuse the user keystore of a valid user via /data/data/com.tronlink.wallet/shared_prefs/\u003cwallet-name\u003e.xml to gain unauthorized access.",
"id": "GHSA-vpp2-j4x9-vp5c",
"modified": "2024-04-04T01:19:54Z",
"published": "2022-05-24T16:50:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13096"
},
{
"type": "WEB",
"url": "https://pastebin.com/raw/08REmV1X"
},
{
"type": "WEB",
"url": "https://pastebin.com/raw/J9B8Lh0j"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VQF9-X5CX-JWW3
Vulnerability from github – Published: 2022-05-13 01:32 – Updated: 2022-05-13 01:32IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. IBM X-Force ID: 151713.
{
"affected": [],
"aliases": [
"CVE-2018-1877"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-11-02T15:29:00Z",
"severity": "HIGH"
},
"details": "IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. IBM X-Force ID: 151713.",
"id": "GHSA-vqf9-x5cx-jww3",
"modified": "2022-05-13T01:32:33Z",
"published": "2022-05-13T01:32:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1877"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/151713"
},
{
"type": "WEB",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10735973"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VRFC-3WHC-J2HQ
Vulnerability from github – Published: 2022-05-01 18:36 – Updated: 2025-04-09 03:47Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.
{
"affected": [],
"aliases": [
"CVE-2007-5778"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2007-11-01T16:46:00Z",
"severity": "MODERATE"
},
"details": "Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.",
"id": "GHSA-vrfc-3whc-j2hq",
"modified": "2025-04-09T03:47:59Z",
"published": "2022-05-01T18:36:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5778"
},
{
"type": "WEB",
"url": "http://osvdb.org/43625"
},
{
"type": "WEB",
"url": "http://osvdb.org/43626"
},
{
"type": "WEB",
"url": "http://securityreason.com/securityalert/3333"
},
{
"type": "WEB",
"url": "http://www.airscanner.com/security/07101401_mobilespy.htm"
},
{
"type": "WEB",
"url": "http://www.informit.com/articles/article.aspx?p=1077909"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/482663/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/26177"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VRMF-9X5H-2HR7
Vulnerability from github – Published: 2023-04-24 15:30 – Updated: 2024-04-04 03:39Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use.
{
"affected": [],
"aliases": [
"CVE-2023-29480"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-24T15:15:08Z",
"severity": "HIGH"
},
"details": "Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use.",
"id": "GHSA-vrmf-9x5h-2hr7",
"modified": "2024-04-04T03:39:22Z",
"published": "2023-04-24T15:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29480"
},
{
"type": "WEB",
"url": "https://www.rnpgp.org/blog/2023-04-13-rnp-release-0-16-3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VRP4-MRFP-3J9C
Vulnerability from github – Published: 2024-05-14 18:30 – Updated: 2025-11-03 21:31A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). The affected devices stores MQTT client passwords without sufficient protection on the devices. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss.
{
"affected": [],
"aliases": [
"CVE-2024-31486"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T16:16:51Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions \u003c V5.30). The affected devices stores MQTT client passwords without sufficient protection on the devices. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss.",
"id": "GHSA-vrp4-mrfp-3j9c",
"modified": "2025-11-03T21:31:05Z",
"published": "2024-05-14T18:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31486"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-871704.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2024/Jul/4"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Feb/19"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-VRQ7-Q46G-P2FQ
Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-05-24 17:38An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. The One Touch application discloses sensitive information, such as the hashed admin login password and the Internet provider connection username and cleartext password, in the application's response body for a /tmp/var/passwd or /tmp/home/wan_stat URI.
{
"affected": [],
"aliases": [
"CVE-2020-24577"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-08T07:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. The One Touch application discloses sensitive information, such as the hashed admin login password and the Internet provider connection username and cleartext password, in the application\u0027s response body for a /tmp/var/passwd or /tmp/home/wan_stat URI.",
"id": "GHSA-vrq7-q46g-p2fq",
"modified": "2022-05-24T17:38:19Z",
"published": "2022-05-24T17:38:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24577"
},
{
"type": "WEB",
"url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/d-link-multiple-security-vulnerabilities-leading-to-rce"
},
{
"type": "WEB",
"url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories"
},
{
"type": "WEB",
"url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=28241"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-VRV3-8MCQ-PPF5
Vulnerability from github – Published: 2026-02-27 18:31 – Updated: 2026-03-30 21:31The OpenID Connect (OIDC) authentication configuration in PowerShell Universal before 2026.1.3 stores the OIDC client secret in cleartext in the .universal/authentication.ps1 script, which allows an attacker with read access to that file to obtain the OIDC client credentials
{
"affected": [],
"aliases": [
"CVE-2026-3277"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-27T16:16:26Z",
"severity": "MODERATE"
},
"details": "The OpenID Connect (OIDC) authentication configuration in PowerShell \nUniversal before 2026.1.3 stores the OIDC client secret in cleartext in \nthe .universal/authentication.ps1 script, which allows an attacker with read access to that file to obtain the OIDC client credentials",
"id": "GHSA-vrv3-8mcq-ppf5",
"modified": "2026-03-30T21:31:02Z",
"published": "2026-02-27T18:31:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3277"
},
{
"type": "WEB",
"url": "https://devolutions.net/security/advisories/DEVO-2026-0006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-VVP4-4HW7-Q58R
Vulnerability from github – Published: 2022-05-24 17:42 – Updated: 2024-03-21 03:34** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can learn sensitive information such as the version of the CMS, the PHP version used by the site, and the name of the DBMS, simply by view the result of the api-aa, called automatically upon a connection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
{
"affected": [],
"aliases": [
"CVE-2021-26595"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-02-23T19:15:00Z",
"severity": "MODERATE"
},
"details": "** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can learn sensitive information such as the version of the CMS, the PHP version used by the site, and the name of the DBMS, simply by view the result of the api-aa, called automatically upon a connection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.",
"id": "GHSA-vvp4-4hw7-q58r",
"modified": "2024-03-21T03:34:03Z",
"published": "2022-05-24T17:42:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26595"
},
{
"type": "WEB",
"url": "https://github.com/sgranel/directusv8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VW62-WVM7-JFWW
Vulnerability from github – Published: 2022-05-01 02:05 – Updated: 2024-02-13 18:38IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information.
{
"affected": [],
"aliases": [
"CVE-2005-2160"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2005-07-06T04:00:00Z",
"severity": "MODERATE"
},
"details": "IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information.",
"id": "GHSA-vw62-wvm7-jfww",
"modified": "2024-02-13T18:38:20Z",
"published": "2022-05-01T02:05:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2160"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=112060187204457\u0026w=2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.