CWE-312
Cleartext Storage of Sensitive Information
Abstraction: Base, Status: Draft
Description
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-37
CVEs mapped to this weakness (140)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-0142 | Med | 0.28 | 4.3 | 0.00 | | Jan 30, 2025 | Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access. |
| CVE-2024-54127 | Med | 0.28 | — | 0.00 | | Dec 5, 2024 | This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to obtain Wi-Fi credentials of the targeted system. |
| CVE-2024-36589 | Med | 0.28 | 4.3 | 0.00 | | Jun 13, 2024 | An issue in Annonshop.app DecentralizeJustice/anonymousLocker commit 2b2b4 to ba9fd and DecentralizeJustice/anonBackend commit 57837 to cd815 was discovered to store credentials in plaintext. |
| CVE-2025-54855 | Med | 0.27 | 4.2 | 0.00 | | Sep 23, 2025 | Cleartext storage of sensitive information was discovered in Click Programming Software version v3.60. The vulnerability can be exploited by a local user with access to the file system, while an administrator session is active, to steal credentials stored in clear text. |
| CVE-2026-8026 | Low | 0.24 | 3.7 | 0.00 | | May 6, 2026 | A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is told to be difficult. You should upgrade the affected component. |
| CVE-2025-8528 | Low | 0.24 | 3.7 | 0.00 | | Aug 4, 2025 | A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation leads to cleartext storage of sensitive information in a cookie. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. |
| CVE-2023-46294 | Low | 0.22 | 3.4 | 0.00 | | May 1, 2024 | An issue was discovered in Teledyne FLIR M300 2.00-19. User account passwords are encrypted locally, and can be decrypted to cleartext passwords using the utility umSetup. This utility requires root permissions to execute. |
| CVE-2026-45362 | Low | 0.21 | 3.2 | 0.00 | | May 12, 2026 | Sangoma Switchvox before 8.4 places cleartext SIP authentication credentials in a backup file. |
| CVE-2026-6598 | Med | 0.21 | 4.3 | 0.00 | | Apr 20, 2026 | A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument auth_settings leads to cleartext storage in a file or on disk. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2025-14836 | Low | 0.18 | 2.7 | 0.00 | | Dec 17, 2025 | A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/user_save.php of the component User Data Storage Module. This manipulation causes cleartext storage in a file or on disk. Remote exploitation of the attack is possible. The exploit has been published and may be used. |
| CVE-2025-23291 | Low | 0.16 | 2.4 | 0.00 | | Sep 30, 2025 | NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where a user/attacker may cause an authorized action. A successful exploit of this vulnerability may lead to information disclosure. |
| CVE-2024-46383 | Low | 0.16 | 2.4 | 0.01 | | Nov 15, 2024 | Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext. |
| CVE-2024-39846 | Low | 0.16 | 3.5 | 0.00 | | Jun 29, 2024 | NewPass before 1.2.0 stores passwords (rather than password hashes) directly, which makes it easier to obtain unauthorized access to sensitive information. NOTE: in each case, data at rest is encrypted, but is decrypted within process memory during use. |
| CVE-2024-40594 | Low | 0.15 | 2.3 | 0.00 | | Jul 6, 2024 | The OpenAI ChatGPT app before 2024-07-05 for macOS opts out of the sandbox, and stores conversations in cleartext in a location accessible to other apps. |
| CVE-2025-6748 | Low | 0.14 | 2.1 | 0.00 | | Jun 27, 2025 | A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2025-2922 | Low | 0.13 | 2.0 | 0.00 | | Mar 28, 2025 | A vulnerability classified as problematic was found in Netis WF-2404 1.1.124EN. Affected by this vulnerability is an unknown functionality of the component BusyBox Shell. The manipulation leads to cleartext storage of sensitive information. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2025-7215 | Low | 0.10 | 1.6 | 0.00 | | Jul 9, 2025 | A vulnerability, which was classified as problematic, has been found in FNKvision FNK-GU2 up to 40.1.7. Affected by this issue is some unknown functionality of the file /rom/wpa_supplicant.conf. The manipulation leads to cleartext storage of sensitive information. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. |
| CVE-2024-36119 | Low | 0.05 | 1.8 | 0.00 | | May 30, 2024 | Statamic is a Laravel + Git powered CMS designed for building websites. In affected versions users registering via the `user:register_form` tag will have their password confirmation stored in plain text in their user file. This only affects sites matching **all** of the following conditions: 1. Running Statamic versions between 5.3.0 and 5.6.1 (this version range represents only one calendar week), 2. Using the `user:register_form` tag, 3. Using file-based user accounts (does not affect users stored in a database), 4. Has users that have registered during that time period (existing users are not affected). Additionally, passwords are only visible to users that have access to read user yaml files, typically developers of the application itself. This issue has been patched in version 5.6.2; however, any users registered during that time period and using the affected version range will still have the `password_confirmation` value in their yaml files. We recommend that affected users have their password reset. System administrators are advised to upgrade their deployments. There are no known workarounds for this vulnerability. Anyone who commits their files to a public git repo may consider clearing the sensitive data from the git history, as it is likely that passwords were uploaded. |
| CVE-2015-5537 | | 0.00 | — | 0.00 | | Aug 3, 2015 | The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566. |
| CVE-2010-0225 | | 0.00 | — | 0.00 | | Jan 7, 2010 | SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the cleartext drive contents, which makes it easier for physically proximate attackers to read or modify data by determining and providing this key. |