CWE-312

Cleartext Storage of Sensitive Information

Abstraction: Base. Status: Draft.

Description

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-37

CVEs mapped to this weakness (269)

page 6 of 14
  • CVE-2023-28912 (Medium, Jun 28, 2025)
    risk 0.37, CVSS 5.7, EPSS 0.00

    The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner's contact data. The vulnerability was originally discovered in Skoda Superb…

  • CVE-2024-55582 (Medium, Dec 9, 2024)
    risk 0.37, CVSS 5.7, EPSS 0.00

    Oxide before 6 has unencrypted Control Plane datastores.

  • CVE-2026-43942 (Medium, May 8, 2026)
    risk 0.36, CVSS 5.5, EPSS 0.00

    electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In versions 3.8.15 and prior, the getConstants() IPC handler in src/app/lib/ipc-sync.js serialises the entire process.env object and sends it to the renderer. The data is stored as…

  • CVE-2025-3784 (Medium, Nov 27, 2025)
    risk 0.36, CVSS 5.5, EPSS 0.00

    Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using…

  • CVE-2025-2182 (Medium, Aug 13, 2025)
    risk 0.36, CVSS not listed, EPSS 0.00

    A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in the cleartext exposure of the connectivity association key (CAK). This issue is only applicable to PA-7500 Series devices which are in an NGFW cluster. A user who possesses this…

  • CVE-2025-41458 (Medium, Jul 21, 2025)
    risk 0.36, CVSS 5.5, EPSS 0.00

    Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local attackers to extract sensitive data via direct access to the app’s filesystem.

  • CVE-2025-41647 (Medium, Jun 25, 2025)
    risk 0.36, CVSS 5.5, EPSS 0.00

    A local, low-privileged attacker can learn the password of the connected controller in PLC Designer V4 due to an incorrect implementation that results in the password being displayed in plain text under special conditions.

  • CVE-2024-4840 (Medium, May 14, 2024)
    risk 0.36, CVSS 5.5, EPSS 0.00

    A flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs.

  • CVE-2020-10727 (Medium, Jun 26, 2020)
    risk 0.36, CVSS 5.5, EPSS 0.01

    A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the `resetUsers` operation. A local attacker can use…

  • CVE-2009-1466 (Medium, May 14, 2009)
    risk 0.36, CVSS 5.5, EPSS 0.00

    Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file.

  • CVE-2008-1567 (Medium, Mar 31, 2008)
    risk 0.36, CVSS 5.5, EPSS 0.00

    phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.

  • CVE-2005-2209 (Medium, Jul 11, 2005)
    risk 0.36, CVSS 5.5, EPSS 0.00

    Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext in capturixss_cfg.ini, which is readable by local users.

  • CVE-2002-1696 (Medium, Dec 31, 2002)
    risk 0.36, CVSS 5.5, EPSS 0.00

    Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user…

  • CVE-2026-41385 (Medium, Apr 28, 2026)
    risk 0.35, CVSS 6.5, EPSS 0.00

    OpenClaw before 2026.3.31 stores Nostr privateKey as plaintext in configuration, allowing exposure through config.get method calls that bypass redaction mechanisms. Attackers can retrieve unredacted configuration data to obtain plaintext signing keys used for Nostr protocol…

  • CVE-2026-35644 (Medium, Apr 9, 2026)
    risk 0.35, CVSS 6.5, EPSS 0.00

    OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to…

  • CVE-2026-39943 (Medium, Apr 9, 2026)
    risk 0.35, CVSS 6.5, EPSS 0.00

    Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus stores revision records (in directus_revisions) whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta…

  • CVE-2026-27877 (Medium, Mar 27, 2026)
    risk 0.35, CVSS 6.5, EPSS 0.00

    When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as…

  • CVE-2024-12094 (Medium, Dec 5, 2024)
    risk 0.35, CVSS not listed, EPSS 0.00

    This vulnerability exists in the Tinxy mobile app due to storage of logged-in user information in plaintext on the device database. An attacker with physical access to the rooted device could exploit this vulnerability by accessing its database leading to unauthorized access of…

  • CVE-2026-45040 (Medium, May 28, 2026)
    risk 0.34, CVSS not listed, EPSS 0.00

    RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, RustFS suffers from sensitive information leakage in log outputs. When the server is run with RUST_LOG=debug sensitive credentials including SessionToken (JWT), SecretAccessKey, and full JWT…

  • CVE-2026-9274 (Medium, May 25, 2026)
    risk 0.34, CVSS not listed, EPSS 0.00

    This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive…