Common Weakness Enumeration

CWE-922

Allowed-with-Review

Insecure Storage of Sensitive Information

Abstraction: Class · Status: Incomplete

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

437 vulnerabilities reference this CWE, most recent first.

GHSA-XH6M-7CR7-XX66

Vulnerability from github – Published: 2024-02-27 21:54 – Updated: 2025-05-30 12:36
VLAI
Summary
Missing permission checks on Hazelcast client protocol
Details

Impact

In Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don't check permissions properly, allowing authenticated users to access data stored in the cluster.

Patches

Fix versions: 5.2.5, 5.3.5, 5.4.0-BETA-1

Workarounds

There is no known workaround.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.hazelcast:hazelcast"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "4.1.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.hazelcast:hazelcast"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2"
            },
            {
              "last_affected": "4.2.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.hazelcast:hazelcast"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0"
            },
            {
              "last_affected": "5.0.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.hazelcast:hazelcast"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.1"
            },
            {
              "last_affected": "5.1.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.2.4"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "com.hazelcast:hazelcast"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.2.0"
            },
            {
              "fixed": "5.2.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.hazelcast:hazelcast"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.3.0"
            },
            {
              "fixed": "5.3.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.hazelcast:hazelcast-all"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "4.1.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.hazelcast:hazelcast-all"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2"
            },
            {
              "last_affected": "4.2.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-45859"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281",
      "CWE-922"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-27T21:54:15Z",
    "nvd_published_at": "2024-02-28T22:15:26Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nIn Hazelcast through 4.1.10, 4.2 through 4.2.8, 5.0 through 5.0.5, 5.1 through 5.1.7, 5.2 through 5.2.4, and 5.3 through 5.3.2, some client operations don\u0027t check permissions properly, allowing authenticated users to access data stored in the cluster.\n\n### Patches\nFix versions: 5.2.5, 5.3.5, 5.4.0-BETA-1\n\n### Workarounds\nThere is no known workaround.",
  "id": "GHSA-xh6m-7cr7-xx66",
  "modified": "2025-05-30T12:36:04Z",
  "published": "2024-02-27T21:54:15Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/hazelcast/hazelcast/security/advisories/GHSA-xh6m-7cr7-xx66"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45859"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hazelcast/hazelcast/pull/25509"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/hazelcast/hazelcast"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Missing permission checks on Hazelcast client protocol"
}

GHSA-XH6M-FR4R-MQJ3

Vulnerability from github – Published: 2025-01-28 00:32 – Updated: 2025-11-03 21:32
VLAI
Details

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iPadOS 17.7.4, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3. An app may be able to fingerprint the user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-24117"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-922"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-27T22:15:16Z",
    "severity": "MODERATE"
  },
  "details": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iPadOS 17.7.4, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3. An app may be able to fingerprint the user.",
  "id": "GHSA-xh6m-fr4r-mqj3",
  "modified": "2025-11-03T21:32:24Z",
  "published": "2025-01-28T00:32:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24117"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122066"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122067"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122068"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122071"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/122073"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/12"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/14"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/15"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jan/18"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XQJ3-24QW-FG69

Vulnerability from github – Published: 2022-05-24 17:34 – Updated: 2022-05-24 17:34
VLAI
Details

An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-19562"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-922"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-16T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information.",
  "id": "GHSA-xqj3-24qw-fg69",
  "modified": "2022-05-24T17:34:15Z",
  "published": "2022-05-24T17:34:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19562"
    },
    {
      "type": "WEB",
      "url": "https://media.daimler.com/marsMediaSite/en/instance/ko/Mercedes-Benz-and-360-Group-to-join-forces-Mercedes-Benz-and-360-Group-with-its-Cyber-Security-Brain-work-together-to-strengthen-car-IT-security-for-industry.xhtml?oid=45208829"
    },
    {
      "type": "WEB",
      "url": "https://skygo.360.cn/archive/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-XRJ7-X7GP-WWQR

Vulnerability from github – Published: 2024-02-09 18:31 – Updated: 2024-08-19 20:48
VLAI
Summary
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds
Details

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.

Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter.

When original SolrCloud is setup to use ZooKeeper credentials and ACLs, they will be sent to whatever "zkHost" the user provides.

An attacker could setup a server to mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs and extracts the sensitive information, then send a streaming expression using the mock server's address in "zkHost".

Streaming Expressions are exposed via the "/streaming" handler, with "read" permissions.

Users are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.

From these versions on, only zkHost values that have the same server address (regardless of chroot), will use the given ZooKeeper credentials and ACLs when connecting.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.solr:solr-solrj-streaming"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.4.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.solr:solr-solrj-streaming"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "8.11.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.solr:solr-solrj"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0"
            },
            {
              "fixed": "9.4.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.solr:solr-solrj"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.0.0"
            },
            {
              "fixed": "8.11.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-50298"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-922"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-09T20:57:43Z",
    "nvd_published_at": "2024-02-09T18:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.\n\nSolr Streaming Expressions allows users to extract data from other Solr Clouds, using a \"zkHost\" parameter.\n\nWhen original SolrCloud is setup to use ZooKeeper credentials and ACLs, they will be sent to whatever \"zkHost\" the user provides.\n\nAn attacker could setup a server to mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs and extracts the sensitive information, then send a streaming expression using the mock server\u0027s address in \"zkHost\".\n\nStreaming Expressions are exposed via the \"/streaming\" handler, with \"read\" permissions.\n\nUsers are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.\n\nFrom these versions on, only zkHost values that have the same server address (regardless of chroot), will use the given ZooKeeper credentials and ACLs when connecting.",
  "id": "GHSA-xrj7-x7gp-wwqr",
  "modified": "2024-08-19T20:48:46Z",
  "published": "2024-02-09T18:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50298"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/lucene-solr/commit/61c956c426b2cfb85ccef55d1afca4335eacd269"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/solr/commit/e2bf1f434aad873fbb24c21d46ac00e888806d98"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/solr"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/SOLR-17098"
    },
    {
      "type": "WEB",
      "url": "https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/02/09/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/02/09/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Apache Solr\u0027s Streaming Expressions allow users to extract data from other Solr Clouds"
}

GHSA-XRPR-8XPG-CF34

Vulnerability from github – Published: 2024-04-01 03:30 – Updated: 2024-10-30 21:30
VLAI
Details

In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541757.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-20050"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-922"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-01T03:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541757.",
  "id": "GHSA-xrpr-8xpg-cf34",
  "modified": "2024-10-30T21:30:37Z",
  "published": "2024-04-01T03:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20050"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/April-2024"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XXCM-4V4P-F9RR

Vulnerability from github – Published: 2025-07-31 21:31 – Updated: 2025-07-31 21:31
VLAI
Details

A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-37110"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-922"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-31T20:15:32Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.",
  "id": "GHSA-xxcm-4v4p-f9rr",
  "modified": "2025-07-31T21:31:54Z",
  "published": "2025-07-31T21:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37110"
    },
    {
      "type": "WEB",
      "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04891en_us"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XXWQ-5H7X-MM4X

Vulnerability from github – Published: 2024-07-19 12:31 – Updated: 2024-07-19 12:31
VLAI
Details

A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6916"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-922"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-19T11:15:04Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the \u0027--show-inputs-only\u0027 flag.",
  "id": "GHSA-xxwq-5h7x-mm4x",
  "modified": "2024-07-19T12:31:28Z",
  "published": "2024-07-19T12:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6916"
    },
    {
      "type": "WEB",
      "url": "https://github.com/zowe/zowe-cli/packages/imperative"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.