High severity7.5NVD Advisory· Published Apr 17, 2026· Updated Jun 2, 2026
CVE-2025-15624
CVE-2025-15624
Description
Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext.
Affected products
2cpe:2.3:a:sparxsystems:pro_cloud_server:6.0.163:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sparxsystems:pro_cloud_server:6.0.163:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
1- sparxsystems.com/products/procloudserver/6.1/history.htmlnvdRelease Notes
News mentions
0No linked articles in our index yet.