VYPR

CWE-312

Cleartext Storage of Sensitive Information

Abstraction: Base
Status: Draft

Description

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-37

CVEs mapped to this weakness (269)

page 3 of 14
  • CVE-2016-0876 | High | May 31, 2016
    risk 0.49 | cvss 7.5 | epss 0.01

    Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file.

  • CVE-2011-4723 | Medium | KEV | Dec 20, 2011
    risk 0.49 | cvss 5.7 | epss 0.03

    The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.

  • CVE-2009-2272 | High | Jul 1, 2009
    risk 0.49 | cvss 7.5 | epss 0.01

    The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by (1) reading a cookie file, by (2) sniffing the network for HTTP headers, and possibly by using unspecified…

  • CVE-2009-0152 | High | May 13, 2009
    risk 0.49 | cvss 7.5 | epss 0.02

    iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communication in certain circumstances that are inconsistent with the Require SSL setting, which allows remote attackers to obtain sensitive information by sniffing the network.

  • CVE-2009-1603 | High | May 11, 2009
    risk 0.49 | cvss 7.5 | epss 0.01

    src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted.

  • CVE-2007-5778 | High | Nov 1, 2007
    risk 0.49 | cvss 7.5 | epss 0.01

    Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.

  • CVE-2005-2160 | High | Jul 6, 2005
    risk 0.49 | cvss 7.5 | epss 0.02

    IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information.

  • CVE-2005-1828 | High | May 26, 2005
    risk 0.49 | cvss 7.5 | epss 0.01

    D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information.

  • CVE-2004-2397 | High | Dec 31, 2004
    risk 0.49 | cvss 7.5 | epss 0.01

    The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates.

  • CVE-2002-1800 | High | Dec 31, 2002
    risk 0.49 | cvss 7.5 | epss 0.01

    phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie, which allows remote attackers to retrieve the administrative password.

  • CVE-2001-1537 | High | Dec 31, 2001
    risk 0.49 | cvss 7.5 | epss 0.01

    The default "basic" security setting in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges.

  • CVE-2001-1536 | High | Dec 31, 2001
    risk 0.49 | cvss 7.5 | epss 0.01

    Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.

  • CVE-2024-33471 | High | May 24, 2024
    risk 0.47 | cvss 7.2 | epss 0.00

    An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to SMTP credentials in plaintext via a crafted AJAX request. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

  • CVE-2026-46622 | High | Jun 11, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    SolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, API tokens used to authenticate all REST API requests are stored as plaintext strings in the api_tokens database table. Any attacker who obtains read access to the database — through SQL injection, a…

  • CVE-2026-36176 | High | Jun 4, 2026
    risk 0.46 | cvss 7.1 | epss 0.00

    GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface.

  • CVE-2025-59105 | High | Jan 26, 2026
    risk 0.46 | cvss | epss 0.00

    With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on…

  • CVE-2025-54464 | High | Aug 13, 2025
    risk 0.46 | cvss | epss 0.00

    This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the…

  • CVE-2024-23942 | High | Mar 18, 2025
    risk 0.46 | cvss 7.1 | epss 0.00

    A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal which leads to a DoS.

  • CVE-2024-53979 | High | Nov 29, 2024
    risk 0.46 | cvss 8.2 | epss 0.00

    ibm.ibm_zhmc is an Ansible collection for the IBM Z HMC. The Ansible collection "ibm.ibm_zhmc" writes password-like properties in clear text into its log file and into the output returned by some of its Ansible module in the following cases: 1. The 'boot_ftp_password' and…

  • CVE-2024-53865 | High | Nov 29, 2024
    risk 0.46 | cvss 8.2 | epss 0.00

    zhmcclient is a pure Python client library for the IBM Z HMC Web Services API. In affected versions the Python package "zhmcclient" writes password-like properties in clear text into its HMC and API logs in the following cases: 1. The 'boot-ftp-password' and 'ssc-master-pw'…