CWE-312
Cleartext Storage of Sensitive Information
Description
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-37: Retrieve Embedded Sensitive Data
CVEs mapped to this weakness (269)
page 1 of 14

| CVE | Vendor / Product | Severity | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-31848 | | Critical | 0.64 | 9.8 | 0.00 | | Mar 23, 2026 | Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecos_pw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can… |
| CVE-2025-30124 | | Critical | 0.64 | 9.8 | 0.00 | | Jul 28, 2025 | An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. When a new SD card is inserted into the dashcam, the existing password is written onto the SD card in cleartext automatically. An attacker with temporary access to the dashcam can switch the SD card to steal this… |
| CVE-2017-5250 | | Critical | 0.64 | 9.8 | 0.01 | | Feb 22, 2018 | In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner. |
| CVE-2017-5249 | | Critical | 0.64 | 9.8 | 0.01 | | Feb 22, 2018 | In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner. |
| CVE-2008-0174 | | Critical | 0.64 | 9.8 | 0.02 | | Jan 29, 2008 | GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges. |
| CVE-2001-1481 | | Critical | 0.64 | 9.8 | 0.03 | | Dec 31, 2001 | Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges. |
| CVE-2025-14815 | | Critical | 0.60 | — | 0.00 | | Apr 8, 2026 | Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian… |
| CVE-2025-7426 | | Critical | 0.60 | — | 0.00 | | Aug 25, 2025 | Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP… |
| CVE-2024-46505 | | Critical | 0.59 | 9.1 | 0.00 | | Jan 9, 2025 | Infoblox BloxOne v2.4 was discovered to contain a business logic flaw due to thick client vulnerabilities. |
| CVE-2024-40457 | | Critical | 0.59 | 9.1 | 0.01 | | Sep 12, 2024 | No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior. |
| CVE-2024-36497 | | Critical | 0.59 | 9.1 | 0.00 | | Jun 24, 2024 | The decrypted configuration file contains the password in cleartext which is used to configure WINSelect. It can be used to remove the existing restrictions and disable WINSelect entirely. |
| CVE-2026-43992 | | Critical | 0.57 | 9.8 | 0.00 | | May 12, 2026 | JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, every MCP write tool (send_tokens, execute_contract, instantiate_contract, upload_wasm, ibc_transfer, etc.) accepted 'mnemonic: string' as an explicit tool-call parameter. The BIP-39 seed was… |
| CVE-2025-14377 | | High | 0.57 | — | 0.00 | | Jan 20, 2026 | A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024. |
| CVE-2024-58277 | | High | 0.57 | — | 0.00 | | Dec 4, 2025 | R Radio Network FM Transmitter 1.07 allows unauthenticated attackers to access the admin user's password through the system.cgi endpoint, enabling authentication bypass and FM station setup access. |
| CVE-2017-9654 | | High | 0.57 | 8.8 | 0.01 | | Apr 24, 2018 | The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. |
| CVE-2024-8070 | — | High | 0.55 | 8.5 | 0.00 | | Oct 13, 2024 | CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test credentials in the firmware binary. |
| CVE-2024-28327 | | High | 0.55 | 8.4 | 0.00 | | Apr 26, 2024 | Asus RT-N12+ B1 router stores user passwords in plaintext, which could allow local attackers to obtain unauthorized access and modify router settings. |
| CVE-2025-32353 | | High | 0.53 | 8.2 | 0.00 | | Jul 16, 2025 | Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged access) stored in the collector.txt configuration file. |
| CVE-2025-23215 | | Critical | 0.53 | — | 0.00 | | Jan 31, 2025 | PMD is an extensible multilanguage static code analyzer. The passphrase for the PMD and PMD Designer release signing keys are included in jar published to Maven Central. The private key itself is not known to have been compromised itself, but given its passphrase is, it must… |
| CVE-2026-33026 | | Critical | 0.52 | 9.1 | 0.00 | | Mar 30, 2026 | Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui backup restore mechanism allows attackers to tamper with encrypted backup archives and inject malicious configuration during restoration. This issue has been patched in version 2.3.4. |
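Two CWE-312 patterns recur in the table above: a reversible encoding (Base64 plus a static suffix) mistaken for protection, and a credential file whose permissions let other users read it. The Python below is an added example, not code from this page or from any listed vendor: it recovers a credential from such a token with no key, scans a directory for cleartext credential keys and reports whether each file is world-readable, and then shows the hardened form for a verification-only secret (a salted PBKDF2 hash written to a mode-0600 file). The token layout, file names, credential values and regex are constructed for illustration and assume a POSIX filesystem.

```python
"""Added example (not from the CWE page or any listed vendor). All file names,
keys, credential values and the token layout below are constructed."""
import base64
import hashlib
import hmac
import os
import re
import stat
import tempfile

# 1. "Encoded" is not "encrypted": Base64(user:pass) with a fixed trailer and
#    no MAC is recovered by anyone who can read the cookie.
STATIC_SUFFIX = b":v1"  # constructed stand-in for a static suffix


def make_obfuscated_token(username: str, password: str) -> str:
    """The vulnerable pattern: reversible encoding, no key, no integrity check."""
    return base64.b64encode(f"{username}:{password}".encode() + STATIC_SUFFIX).decode()


def recover_credentials(token: str) -> tuple[str, str]:
    """What an attacker does with the token: decode, strip the suffix, split."""
    raw = base64.b64decode(token)
    if raw.endswith(STATIC_SUFFIX):
        raw = raw[: -len(STATIC_SUFFIX)]
    user, _, pw = raw.decode().partition(":")
    return user, pw


# 2. Scan for cleartext credential keys and record who can read the file.
CRED_KEY = re.compile(
    r"^\s*(password|passwd|pwd|secret|api[_-]?key|token)\s*[=:]\s*(\S+)", re.I | re.M
)


def scan_tree(root: str) -> list[dict]:
    findings = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as f:
                    text = f.read().decode("utf-8", "replace")
            except OSError:
                continue
            mode = stat.S_IMODE(os.stat(path).st_mode)
            for m in CRED_KEY.finditer(text):
                findings.append({
                    "path": path,
                    "key": m.group(1).lower(),
                    "world_readable": bool(mode & stat.S_IROTH),
                    "mode": mode,
                })
    return findings


# 3. Hardened storage for a verification-only secret: keep a salted hash, not
#    the password, and create the file with 0600 so the resource itself does
#    not leak it to other local users.
def store_password_hash(path: str, password: str, iterations: int = 200_000) -> None:
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}\n")


def verify_password(path: str, password: str) -> bool:
    with open(path) as f:
        algo, iters, salt_hex, digest_hex = f.read().strip().split("$")
    if algo != "pbkdf2_sha256":
        return False
    calc = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(calc, bytes.fromhex(digest_hex))


def demo() -> dict:
    """Run all three against a constructed temp directory and return the results."""
    token = make_obfuscated_token("admin", "Hunter2!")
    user, pw = recover_credentials(token)
    with tempfile.TemporaryDirectory() as d:
        bad = os.path.join(d, "default.aut")  # constructed name; world-readable cleartext
        with open(bad, "w") as f:
            f.write("Administrator=admin\npassword=Hunter2!\n")
        os.chmod(bad, 0o644)
        good = os.path.join(d, "admin.hash")  # hardened form
        store_password_hash(good, "Hunter2!")
        findings = scan_tree(d)
        good_mode = stat.S_IMODE(os.stat(good).st_mode)
        ok = verify_password(good, "Hunter2!") and not verify_password(good, "wrong")
    return {
        "recovered": (user, pw),
        "findings": [(os.path.basename(f["path"]), f["key"], f["world_readable"]) for f in findings],
        "hash_file_mode": good_mode,
        "verify_ok": ok,
    }


if __name__ == "__main__":
    print(demo())
```

The scanner only finds the obvious key=value shapes; secrets embedded in binaries, as in the firmware case above, need string extraction or entropy-based tooling, and a recoverable secret (an OAuth token or an FTP password the product must replay) cannot be hashed and instead belongs in an OS keystore or an encrypted store whose key lives outside the resource.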