CWE-312

Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

CVE-2022-2513 (GCVE-0-2022-2513)
Vulnerability from cvelistv5
Published
2022-11-22 10:30
Modified
2025-08-27 20:32
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy’s PCM600 product, in the versions listed below, where IED credentials are stored in cleartext in the PCM600 database and log files. An attacker who obtains the exported backup file can exploit the vulnerability to recover the IEDs' user credentials. Additionally, an attacker with administrator access to the PCM600 host machine can obtain other user credentials by analyzing the database log files. The credentials may be used to make unauthorized modifications such as loading incorrect configurations, rebooting the IEDs, or causing a denial of service on the IEDs.


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:39:08.068Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-2513",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-25T20:57:36.531395Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T20:32:51.508Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PCM600",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "2.11 Hotfix 20220617",
              "status": "affected",
              "version": "v2.6",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "670 Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "3.4.1",
              "status": "affected",
              "version": "3.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "650 Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "2.4.1",
              "status": "affected",
              "version": "1.3",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "SAM600-IO Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "1.2",
              "status": "affected",
              "version": "1.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GMS600 Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "1.3.1",
              "status": "affected",
              "version": "1.3",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PWC600 Connectivity Package",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "1.3",
              "status": "affected",
              "version": "1.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "PSE - Polskie Sieci Elektroenergetyczne (Polish Power Grid Company (PPGC))"
        }
      ],
      "datePublic": "2022-11-15T13:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. An attacker having get access to the exported backup file can exploit the vulnerability and obtain user credentials of the IEDs. Additionally, an attacker with administrator access to the PCM600 host machine can obtain other user credentials by analyzing database log files. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. An attacker having get access to the exported backup file can exploit the vulnerability and obtain user credentials of the IEDs. Additionally, an attacker with administrator access to the PCM600 host machine can obtain other user credentials by analyzing database log files. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-28T10:20:49.089Z",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to PCM600 v2.11 Hotfix 20240426 or apply mitigation\nfactors/workarounds as described in the Mitigation Factors/Workarounds Section.\u003cbr\u003e\u003cbr\u003eList of CPEs:\u0026nbsp;\u003cbr\u003ecpe:2.3:a:hitachienergy:pcm600:*:*:*:*:*:*:*:*\u003cbr\u003e\u003cbr\u003ecpe:2.3:a:hitachienergy:670ConnectivityPackage:3.4.1:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.3.0:*:*:*:*:*:*:*\n\u003cbr\u003e\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.2.6:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.1.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.0.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\u003cbr\u003ecpe:2.3:a:hitachienergy:650ConnectivityPackage:2.4.1:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.3.0:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.2.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.1.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\u003cbr\u003e\n\n\u003cbr\u003ecpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.2.0:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.1.0:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.0.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e\u003cbr\u003ecpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.2.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.2:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.1:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e\u003cbr\u003ecpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.1:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e \n\n\u003cbr\u003e"
            }
          ],
          "value": "Update to PCM600 v2.11 Hotfix 20240426 or apply mitigation\nfactors/workarounds as described in the Mitigation Factors/Workarounds Section.\n\nList of CPEs:\u00a0\ncpe:2.3:a:hitachienergy:pcm600:*:*:*:*:*:*:*:*\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.4.1:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.3.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.2.6:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.1.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.0.2:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.4.1:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.3.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.2.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.1.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.2.0:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.1.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.0.0:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.2.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.1:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.0:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.1:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*"
        }
      ],
      "source": {
        "advisory": "8DBD000120",
        "discovery": "EXTERNAL"
      },
      "title": "Cleartext Credentials Vulnerability on Hitachi Energy\u2019s Multiple IED Connectivity Packages (IED ConnPacks) and PCM600 Products",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "It is recommended to implement and continuously revise least privileges principles to minimize permissions and\naccesses to PCM600 related resources, included the backup file, PCMI/PCMP file.\u003cbr\u003e\u003cbr\u003e Recommended security\npractices and firewall configurations can help protect a process control network from attacks that originate from\noutside the network. Such practices include that process control systems are physically protected from direct\naccess by unauthorized personnel, have no direct connections to the Internet, and are separated from other\nnetworks by means of a firewall system that has a minimal number of ports exposed, and others that have to be\nevaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or\nreceiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses\nbefore they are connected to a control system. \u003cbr\u003e\u003cbr\u003eAn additional recommendation is to follow the hardening guidelines published by \u201cThe Center for Internet Security\n(CIS)\u201d \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisecurity.org/about-us/\"\u003ehttps://www.cisecurity.org/about-us/\u003c/a\u003e to protect the host Operating System.\n\u003cbr\u003e\u003cbr\u003eMore information to deploy PCM600 securely can be found in the following documents:\n1MRS758440, PCM600 Cyber Security Deployment Guideline\n\n\n\n\n\u003cbr\u003e"
            }
          ],
          "value": "It is recommended to implement and continuously revise least privileges principles to minimize permissions and\naccesses to PCM600 related resources, included the backup file, PCMI/PCMP file.\n\n Recommended security\npractices and firewall configurations can help protect a process control network from attacks that originate from\noutside the network. Such practices include that process control systems are physically protected from direct\naccess by unauthorized personnel, have no direct connections to the Internet, and are separated from other\nnetworks by means of a firewall system that has a minimal number of ports exposed, and others that have to be\nevaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or\nreceiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses\nbefore they are connected to a control system. \n\nAn additional recommendation is to follow the hardening guidelines published by \u201cThe Center for Internet Security\n(CIS)\u201d  https://www.cisecurity.org/about-us/  to protect the host Operating System.\n\n\nMore information to deploy PCM600 securely can be found in the following documents:\n1MRS758440, PCM600 Cyber Security Deployment Guideline"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2022-2513",
    "datePublished": "2022-11-22T10:30:34.309Z",
    "dateReserved": "2022-07-22T13:30:13.171Z",
    "dateUpdated": "2025-08-27T20:32:51.508Z",
    "requesterUserId": "add9a720-9bad-45a2-bedc-fce6888e4172",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}
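Two checks that follow from this record, as an added example that is not Hitachi Energy's or PCM600's code: a logging filter that masks credential fields in the rendered message before a handler writes it (the log-file half of the finding), and a scanner that flags cleartext credentials in an exported backup or database log dump, both by key=value pattern and against an inventory of known device passwords (the backup-file half). The field names (`password`, `ied_password`), the log and backup lines, the IED names and the password value are constructed for the example and do not reflect PCM600's real schema or file layout.

```python
"""Added example, not Hitachi Energy or PCM600 code: keep credentials out of
logs at write time, and check an exported backup for credentials that got
there anyway. All field names and sample lines are constructed."""
from __future__ import annotations

import io
import logging
import re

# Keys whose values must never reach a log or backup in cleartext (assumed names).
SECRET_KEYS = ("password", "passwd", "pwd", "secret", "token", "ied_password")

# Matches  key=value, key: value and "key":"value"; captures the value separately
# so it can be replaced while the key and separator are kept intact.
_KV_RE = re.compile(
    r"(?i)(?P<prefix>\b(?:" + "|".join(SECRET_KEYS) + r")\b[\"']?\s*[=:]\s*)"
    r"(?P<val>\"[^\"]*\"|'[^']*'|[^\s,;]+)"
)


def _mask(m: re.Match) -> str:
    val = m.group("val")
    quote = val[0] if val[0] in "\"'" else ""      # keep the value's quoting style
    return f"{m.group('prefix')}{quote}***{quote}"


def mask_secrets(text: str) -> str:
    """Replace the value of any credential-looking key with ***."""
    return _KV_RE.sub(_mask, text)


class CredentialScrubFilter(logging.Filter):
    """Handler-level filter: masks the fully rendered message before the
    handler emits it, so %-style arguments are covered as well as literals."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = mask_secrets(record.getMessage())
        record.args = ()
        return True


def render_log(events: list[str]) -> str:
    """Run constructed events through a logger fitted with the scrub filter
    and return exactly what a file handler would have written."""
    buf = io.StringIO()
    logger = logging.getLogger("connpack.demo")
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.DEBUG)
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    handler.addFilter(CredentialScrubFilter())
    logger.addHandler(handler)
    for event in events:
        logger.info(event)
    handler.flush()
    return buf.getvalue()


def find_cleartext_credentials(export: str, known_secrets=()) -> list[tuple[int, str]]:
    """Scan an exported backup or log dump line by line. A line is flagged if
    it carries a credential key=value pair, or if it contains any value from
    an inventory of known device passwords (catches a secret written without
    a key, e.g. inside an auth string). Returns (line_number, reason) pairs."""
    hits: list[tuple[int, str]] = []
    for n, line in enumerate(export.splitlines(), start=1):
        if _KV_RE.search(line):
            hits.append((n, "credential field in cleartext"))
        elif any(s in line for s in known_secrets if s):
            hits.append((n, "known secret value present"))
    return hits


# Constructed sample data; not real PCM600 log or backup content.
SAMPLE_EVENTS = [
    "ConnPack: connecting to IED REL670_A1 user=admin password=Sup3rSecret!",
    'ConnPack: stored {"ied":"REL670_A1","ied_user":"admin","ied_password":"Sup3rSecret!"}',
    "ConnPack: connection to REL670_A1 established",
]
SAMPLE_BACKUP = "\n".join([
    "[IED] name=REL670_A1 ip=10.0.0.11",
    "[IED] name=REL670_A1 user=admin password=Sup3rSecret!",
    "[IED] name=REL650_B2 ip=10.0.0.12",
    "[LOG] authenticated REL670_A1 with admin:Sup3rSecret!",
])

if __name__ == "__main__":
    print(render_log(SAMPLE_EVENTS))
    for line_no, reason in find_cleartext_credentials(SAMPLE_BACKUP, {"Sup3rSecret!"}):
        print(f"line {line_no}: {reason}")
```

The filter sits on the handler rather than the logger so that every record reaching that file is scrubbed regardless of which logger produced it; the scanner's second branch is what catches the case the regex cannot, a password echoed into a log without any key next to it, which is why it takes the known credential inventory as input.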

CVE-2023-28912 (GCVE-0-2023-28912)
Vulnerability from cvelistv5
Published
2025-06-28 15:33
Modified
2025-06-30 15:05
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner's contact data. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28912",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-30T15:04:58.117010Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-30T15:05:14.568Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Volkswagen MIB3 infotainment system MIB3 OI MQB",
          "vendor": "Preh Car Connect GmbH (JOYNEXT GmbH)",
          "versions": [
            {
              "lessThanOrEqual": "0304",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Artem Ivachev from PCA Cyber Security (PCAutomotive)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Mikhail Evdokimov from PCA Cyber Security (PCAutomotive)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner\u0027s contact data.\u003cbr\u003eThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources.\u003cbr\u003e"
            }
          ],
          "value": "The MIB3 unit stores the synchronized phone contact book in clear-text, allowing an attacker with either code execution privilege on the system or physical access to the system to obtain vehicle owner\u0027s contact data.\nThe vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-28T15:33:58.714Z",
        "orgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
        "shortName": "ASRG"
      },
      "references": [
        {
          "url": "https://i.blackhat.com/EU-24/Presentations/EU-24-Parnishchev-OverTheAirVW.pdf"
        },
        {
          "tags": [
            "technical-description"
          ],
          "url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-vw-mib3-infotainment-2"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://asrg.io/security-advisories/vulnerabilities-in-volkswagen-mib3-infotainment-part-2/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Cleartext Phonebook Information",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
    "assignerShortName": "ASRG",
    "cveId": "CVE-2023-28912",
    "datePublished": "2025-06-28T15:33:58.714Z",
    "dateReserved": "2023-03-27T14:51:16.418Z",
    "dateUpdated": "2025-06-30T15:05:14.568Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5384 (GCVE-0-2023-5384)
Vulnerability from cvelistv5
Published
2023-12-18 13:43
Modified
2025-08-27 11:58
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials (JDBC store with connection pooling, remote store), the credentials are returned in clear text as part of the configuration.
References
  • https://access.redhat.com/errata/RHSA-2023:7676 (vendor-advisory, x_refsource_REDHAT)
  • https://access.redhat.com/security/cve/CVE-2023-5384 (vdb-entry, x_refsource_REDHAT)
  • https://bugzilla.redhat.com/show_bug.cgi?id=2242156 (issue-tracking, x_refsource_REDHAT)
Impacted products
  • Vendor: Red Hat; Product: Red Hat Data Grid 8.4.6; CPE: cpe:/a:redhat:jboss_data_grid:8


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5384",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-02T15:07:03.611901Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:28:38.094Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:59:44.661Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7676",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7676"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5384"
          },
          {
            "name": "RHBZ#2242156",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242156"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240125-0004/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_data_grid:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "infinispan",
          "product": "Red Hat Data Grid 8.4.6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-12-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials (JDBC store with connection pooling, remote store), the credentials are returned in clear text as part of the configuration."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-27T11:58:49.581Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7676",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7676"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5384"
        },
        {
          "name": "RHBZ#2242156",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242156"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-04T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-12-06T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Infinispan: credentials returned from configuration as clear text",
      "workarounds": [
        {
          "lang": "en",
          "value": "The issue\u0027s impact is limited because only users with administrator permissions can retrieve the cache configurations, and the recommended approach for connecting via JDBC is using the `datasource` configuration, which does not expose the database credentials."
        }
      ],
      "x_redhatCweChain": "CWE-312: Cleartext Storage of Sensitive Information"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5384",
    "datePublished": "2023-12-18T13:43:08.728Z",
    "dateReserved": "2023-10-04T16:12:42.727Z",
    "dateUpdated": "2025-08-27T11:58:49.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}
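The export path this record describes, shown as an added example in Python rather than Infinispan's own Java code: a cache configuration whose JDBC store carries pooled-connection credentials is serialised to JSON and XML once as-is (the behaviour the flaw describes), once with secret fields redacted on the export path, and once rewritten to reference a container datasource by name, which is the approach the workaround recommends. The configuration keys, the JNDI name `java:jboss/datasources/CacheDS` and the password value are assumptions for the example, not Infinispan's real schema; YAML is left out only because the standard library has no serialiser for it.

```python
"""Added example, not Infinispan or Red Hat code: three ways a cache
configuration with JDBC store credentials can leave the server. The config
shape, key names and values are assumed for the example."""
from __future__ import annotations

import copy
import json
import xml.etree.ElementTree as ET
from typing import Any

SECRET_KEYS = {"password", "secret", "token"}   # assumed; the username is kept

# Constructed configuration: JDBC store with a pooled connection and inline credentials.
CACHE_CONFIG = {
    "distributed-cache": {
        "name": "users",
        "persistence": {
            "jdbc-store": {
                "connection-pool": {
                    "driver": "org.postgresql.Driver",
                    "connection-url": "jdbc:postgresql://db.internal:5432/cache",
                    "username": "cache_svc",
                    "password": "pg-Pa55w0rd-example",
                }
            }
        },
    }
}


def _to_xml(tag: str, node: Any, parent: ET.Element | None = None) -> ET.Element:
    """Minimal dict -> XML: nested dicts become child elements, scalars become
    attributes. Enough to show where credentials land in an XML export."""
    el = ET.Element(tag) if parent is None else ET.SubElement(parent, tag)
    if isinstance(node, dict):
        for key, value in node.items():
            if isinstance(value, (dict, list)):
                _to_xml(key, value, el)
            else:
                el.set(key, str(value))
    elif isinstance(node, list):
        for value in node:
            _to_xml("item", value, el)
    else:
        el.text = str(node)
    return el


def serialize(config: dict, fmt: str) -> str:
    """Serialise as-is. This is the path the CVE describes: whatever the
    configuration holds, credentials included, ends up in the output."""
    if fmt == "json":
        return json.dumps(config, indent=2)
    if fmt == "xml":
        root_tag, body = next(iter(config.items()))
        return ET.tostring(_to_xml(root_tag, body), encoding="unicode")
    raise ValueError(f"unsupported format: {fmt!r}")


def redact(node: Any) -> Any:
    """Copy of the tree with every SECRET_KEYS value replaced by ***."""
    if isinstance(node, dict):
        return {k: ("***" if k.lower() in SECRET_KEYS else redact(v)) for k, v in node.items()}
    if isinstance(node, list):
        return [redact(v) for v in node]
    return node


def export_safe(config: dict, fmt: str) -> str:
    """Fix 1: redact on the export path only. The running cache keeps its
    credentials; the serialised configuration never contains them."""
    return serialize(redact(config), fmt)


def with_datasource(config: dict, jndi_name: str) -> dict:
    """Fix 2 (what the workaround recommends): reference a container-managed
    datasource by name instead of embedding pooled-connection credentials.
    The credentials then live in the server's datasource definition, which is
    not part of the cache configuration and so is never exported with it."""
    cfg = copy.deepcopy(config)
    store = cfg["distributed-cache"]["persistence"]["jdbc-store"]
    store.pop("connection-pool", None)
    store["data-source"] = {"jndi-url": jndi_name}   # element names are assumed
    return cfg


def secret_values(node: Any) -> set[str]:
    """Collect the string values stored under secret keys, for the leak check."""
    found: set[str] = set()
    if isinstance(node, dict):
        for k, v in node.items():
            if k.lower() in SECRET_KEYS and isinstance(v, str):
                found.add(v)
            else:
                found |= secret_values(v)
    elif isinstance(node, list):
        for v in node:
            found |= secret_values(v)
    return found


def leaks_secrets(exported: str, config: dict) -> bool:
    """True if any secret value from config appears verbatim in the export."""
    return any(s in exported for s in secret_values(config))


if __name__ == "__main__":
    for fmt in ("json", "xml"):
        print(fmt, "as-is leaks:", leaks_secrets(serialize(CACHE_CONFIG, fmt), CACHE_CONFIG))
        print(fmt, "redacted leaks:", leaks_secrets(export_safe(CACHE_CONFIG, fmt), CACHE_CONFIG))
    print(serialize(with_datasource(CACHE_CONFIG, "java:jboss/datasources/CacheDS"), "xml"))
```

`leaks_secrets` is the check worth keeping around: run it against whatever an administrator can pull out of the management API, in every format the API offers, because a redaction that covers JSON but not the XML or YAML writer is exactly the kind of gap this class of flaw lives in.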

CVE-2024-23942 (GCVE-0-2024-23942)
Vulnerability from cvelistv5
Published
2025-03-18 11:03
Modified
2025-08-20 06:11
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal which leads to a DoS.


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-23942",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-18T13:14:54.987012Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-18T13:15:06.774Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "mbCONNECT24",
          "vendor": "MB connect line",
          "versions": [
            {
              "lessThan": "2.16.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "mbNET",
          "vendor": "MB connect line",
          "versions": [
            {
              "lessThan": "8.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "mbNET.rokey",
          "vendor": "MB connect line",
          "versions": [
            {
              "lessThan": "8.2.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "mymbCONNECT24",
          "vendor": "MB connect line",
          "versions": [
            {
              "lessThan": "2.16.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal which leads to a DoS.\u003cbr\u003e"
            }
          ],
          "value": "A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal which leads to a DoS."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-20T06:11:05.971Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://cert.vde.com/en/advisories/VDE-2024-010"
        }
      ],
      "source": {
        "advisory": "VDE-2024-010",
        "defect": [
          "CERT@VDE#64614"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "MB connect line: Configuration File on the client workstation is not encrypted",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2024-23942",
    "datePublished": "2025-03-18T11:03:35.116Z",
    "dateReserved": "2024-01-24T08:35:23.199Z",
    "dateUpdated": "2025-08-20T06:11:05.971Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-31415 (GCVE-0-2024-31415)
Vulnerability from cvelistv5
Published
2024-09-13 16:48
Modified
2025-08-26 10:22
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
The Eaton Foreseer software lets the user configure external servers for multiple purposes such as network management and user management. The software encrypts these configurations when storing them on the host machine. However, the keys used for this encryption were themselves insecurely stored, which could be abused to change or remove the server configuration.
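The bulletin does not say how the keys were stored, so the following added example (not Eaton code) assumes the usual failure modes on a POSIX host: key material kept in the same directory as the encrypted configuration, a key file readable by other users, or a key embedded in a configuration file. It audits a directory for those conditions. The file names, the `encryption_key` setting and the `os-keystore:` reference used in the hardened layout are constructed for this example.

```python
"""Audit a configuration directory for encryption keys stored beside what they protect.

Added example, not Eaton code. The bulletin does not say how the keys were
stored; this assumes the usual failure modes on a POSIX host: a key file next
to the ciphertext, a key file readable by other users, or a key embedded in a
configuration file. All directory contents below are constructed.
"""
import os
import re
import stat
import tempfile

# File names that typically hold key material (assumption; extend per product).
KEY_FILE_NAME = re.compile(r"(?i)(\.key$|\.pem$|\.jks$|keystore|secret)")
# Settings that carry a key inline in a config file (assumption).
EMBEDDED_KEY = re.compile(r"(?im)^\s*(?:encryption|aes|master|db)[_-]?key\s*[=:]\s*\S+")


def audit_key_storage(config_dir: str) -> list[str]:
    """Return one finding per condition that makes the encryption equivalent to
    cleartext for anyone who can read config_dir."""
    findings: list[str] = []
    for name in sorted(os.listdir(config_dir)):
        path = os.path.join(config_dir, name)
        if not os.path.isfile(path):
            continue
        mode = os.stat(path).st_mode
        if KEY_FILE_NAME.search(name):
            findings.append(f"{name}: key material stored beside the data it protects")
            if mode & (stat.S_IRGRP | stat.S_IROTH):
                findings.append(
                    f"{name}: key file readable by group/other (mode {stat.S_IMODE(mode):o})"
                )
            continue
        with open(path, "rb") as fh:
            head = fh.read(65536).decode("utf-8", "replace")
        if EMBEDDED_KEY.search(head):
            findings.append(f"{name}: encryption key embedded in configuration file")
    return findings


def build_sample_dir(weak: bool) -> str:
    """Create a throwaway directory in the weak or hardened layout (constructed data).

    Weak: ciphertext, a world-readable raw key file and a config carrying the key inline.
    Hardened: ciphertext plus a config that only names where the key lives (an assumed
    OS keystore reference); the key itself is never written under this path.
    """
    d = tempfile.mkdtemp(prefix="cwe312-demo-")
    with open(os.path.join(d, "servers.cfg.enc"), "wb") as fh:
        fh.write(b"\x8a\x13\xf0\x27" * 16)  # stand-in for the encrypted server configuration
    if weak:
        key_path = os.path.join(d, "servers.key")
        with open(key_path, "wb") as fh:
            fh.write(bytes(range(32)))  # raw 256-bit key written to disk in the clear
        os.chmod(key_path, 0o644)
        with open(os.path.join(d, "app.ini"), "w") as fh:
            fh.write("[storage]\nencryption_key = 000102030405060708090a0b0c0d0e0f\n")
    else:
        with open(os.path.join(d, "app.ini"), "w") as fh:
            fh.write("[storage]\nkey_source = os-keystore:foreseer/servers\n")
    return d


if __name__ == "__main__":
    for layout in (True, False):
        print("weak layout:" if layout else "hardened layout:")
        for finding in audit_key_storage(build_sample_dir(layout)) or ["no findings"]:
            print("  " + finding)
```

The point of the check is the relationship between the ciphertext and its key, not the cipher: if the same principal can read both, the encryption adds nothing over cleartext storage. A hardened layout keeps the key outside the readable path (an OS keystore or a per-user protected store) and leaves only a reference in the configuration.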
Impacted products
Eaton Foreseer: all versions before 7.8.500 (affected)


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:eaton:foreseer_electrical_power_monitoring_system:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "foreseer_electrical_power_monitoring_system",
            "vendor": "eaton",
            "versions": [
              {
                "lessThan": "7.8.500",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31415",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-13T17:31:38.578187Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-13T17:34:40.354Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Foreseer",
          "vendor": "Eaton",
          "versions": [
            {
              "lessThan": "7.8.500",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Joseph Yim"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to store these configurations securely on the host machine. However, the keys used for this encryption were insecurely stored, which could be abused to possibly change or remove the server configuration."
            }
          ],
          "value": "The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to store these configurations securely on the host machine. However, the keys used for this encryption were insecurely stored, which could be abused to possibly change or remove the server configuration."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T10:22:22.285Z",
        "orgId": "63703b7d-23e2-41ef-94b3-a3c6333f7759",
        "shortName": "Eaton"
      },
      "references": [
        {
          "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/etn-va-2024-1008.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "63703b7d-23e2-41ef-94b3-a3c6333f7759",
    "assignerShortName": "Eaton",
    "cveId": "CVE-2024-31415",
    "datePublished": "2024-09-13T16:48:12.280Z",
    "dateReserved": "2024-04-03T11:17:01.662Z",
    "dateUpdated": "2025-08-26T10:22:22.285Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-4840 (GCVE-0-2024-4840)
Vulnerability from cvelistv5
Published
2024-05-13 22:16
Modified
2025-08-30 16:05
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
A flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs.
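The following is an added example, not code from the RHOSP director or tripleo-heat-templates projects. It shows the two checks a practitioner wants for this class of bug: a `logging.Filter` that redacts password-like values before any handler writes them (covering secrets passed as format arguments, not only in the template), and a scan that finds such values in log lines already on disk. The key names, the key=value / JSON-style patterns and the sample log lines are constructed assumptions, not taken from RHOSP output.

```python
"""Keep passwords out of log output and find the ones already written.

Added example, not code from the RHOSP director project. The secret key
names, the patterns and the sample log lines below are constructed.
"""
import logging
import re

# Key names whose values must never be logged in cleartext (assumption:
# extend to match the naming used by the application being instrumented).
SECRET_KEYS = ("password", "passwd", "pwd", "secret", "token", "api_key")

# Matches  key=value, key: value, "key": "value", --flag=value  where the key
# ends in one of SECRET_KEYS (so rabbit_password, AdminToken, ... also match).
# The value runs to the next quote, whitespace, comma or semicolon.
_PATTERN = re.compile(
    r"(?i)(?P<key>[\w.]*(?:" + "|".join(SECRET_KEYS) + r"))"
    r"(?P<sep>[\"']?\s*[=:]\s*)(?P<quote>[\"']?)(?P<val>[^\"'\s,;]+)(?P=quote)"
)
REDACTED = "[REDACTED]"


def redact(text: str) -> str:
    """Replace every secret value in *text* with REDACTED, keeping the key visible."""
    return _PATTERN.sub(
        lambda m: f"{m['key']}{m['sep']}{m['quote']}{REDACTED}{m['quote']}", text
    )


class RedactingFilter(logging.Filter):
    """Scrub the fully formatted message before any handler sees the record.

    Formatting is forced here because the secret may arrive in the args
    rather than in the template, as in logger.info("pw=%s", pw).
    """

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = ()
        return True


def log_through_filter(messages) -> list[str]:
    """Emit (template, args) pairs through a filtered logger and return
    exactly what the handler received, so the effect can be asserted on."""
    captured: list[str] = []

    class ListHandler(logging.Handler):
        def emit(self, record: logging.LogRecord) -> None:
            captured.append(self.format(record))

    logger = logging.getLogger("cwe312-demo")
    logger.handlers.clear()
    logger.filters.clear()
    logger.propagate = False
    logger.setLevel(logging.DEBUG)
    logger.addFilter(RedactingFilter())  # on the logger, so every handler benefits
    handler = ListHandler()
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger.addHandler(handler)
    for template, args in messages:
        logger.info(template, *args)
    return captured


def find_cleartext_secrets(lines) -> list[tuple[int, str]]:
    """Scan existing log lines; return (1-based line number, key) per leaked value."""
    hits = []
    for number, line in enumerate(lines, 1):
        for m in _PATTERN.finditer(line):
            if m["val"] != REDACTED:
                hits.append((number, m["key"]))
    return hits


# Constructed sample lines in the style of a deployment log (not real RHOSP output).
SAMPLE_LOG = [
    "2024-05-06 10:01:12 INFO  Connecting to overcloud db host=10.0.0.5 user=nova",
    "2024-05-06 10:01:13 DEBUG Running: mysql -u nova --password=Sup3rS3cret! nova",
    '2024-05-06 10:01:14 DEBUG Rendered config: {"rabbit_password": "r4bb1t", "debug": true}',
    "2024-05-06 10:01:15 INFO  Deployment step 3 completed",
]

if __name__ == "__main__":
    for number, key in find_cleartext_secrets(SAMPLE_LOG):
        print(f"line {number}: cleartext value for '{key}'")
    for line in log_through_filter([("db password=%s for user %s", ("hunter2", "nova"))]):
        print(line)
```

The filter is a backstop, not a substitute for never handing secrets to the logger; it catches the common key=value and JSON shapes but not a bare password printed without its key, which is why the scan over existing logs is still worth running after a fix is deployed.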
References
https://access.redhat.com/errata/RHSA-2024:9978 (vendor-advisory, x_refsource_REDHAT)
https://access.redhat.com/security/cve/CVE-2024-4840 (vdb-entry, x_refsource_REDHAT)
https://bugzilla.redhat.com/show_bug.cgi?id=2280249 (issue-tracking, x_refsource_REDHAT)
Impacted products
openstack-tripleo-heat-templates (https://github.com/openstack-archive/tripleo-heat-templates): Unaffected: 14.3.1-17.1.20240528170747.e7c7ce3.el9ost
Red Hat OpenStack Platform 17.1 for RHEL 9 (cpe:/a:redhat:openstack:17.1::el9), package openstack-tripleo-heat-templates: affected by default; Unaffected: 0:14.3.1-17.1.20240919130756.el9ost and later
Red Hat OpenStack Platform 16.2 (cpe:/a:redhat:openstack:16.2), package rhosp-director: affected


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4840",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T19:32:24.426737Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-24T15:59:59.529Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:55:09.958Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-4840"
          },
          {
            "name": "RHBZ#2280249",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280249"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/openstack-archive/tripleo-heat-templates",
          "packageName": "openstack-tripleo-heat-templates",
          "versions": [
            {
              "status": "unaffected",
              "version": "14.3.1-17.1.20240528170747.e7c7ce3.el9ost",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openstack-tripleo-heat-templates",
          "product": "Red Hat OpenStack Platform 17.1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:14.3.1-17.1.20240919130756.el9ost",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhosp-director",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-05-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-30T16:05:28.774Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:9978",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9978"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-4840"
        },
        {
          "name": "RHBZ#2280249",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280249"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-05-10T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-05-06T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Rhosp-director: cleartext passwords exposed in logs",
      "x_redhatCweChain": "CWE-312: Cleartext Storage of Sensitive Information"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-4840",
    "datePublished": "2024-05-13T22:16:39.899Z",
    "dateReserved": "2024-05-13T16:34:02.118Z",
    "dateUpdated": "2025-08-30T16:05:28.774Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-50570 (GCVE-0-2024-50570)
Vulnerability from cvelistv5
Published
2024-12-18 12:44
Modified
2025-08-27 21:29
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve the VPN password via a memory dump, due to JavaScript's garbage collector. Note that the structured affected-product data in the record below differs from this description: it lists FortiClientWindows 7.4.0 and 7.2.0 through 7.2.5 (not 7.4.1 or 7.2.6), and it adds FortiClientMac 7.4.0 through 7.4.2, 7.2.0 through 7.2.7 and 7.0.0 through 7.0.14, for which the record gives no fixed version. The vendor's stated solution is to upgrade FortiClientLinux to 7.4.3, 7.2.8 or 7.0.14 or above and FortiClientWindows to 7.4.2, 7.2.7 or 7.0.14 or above.
Impacted products
Fortinet FortiClientMac: 7.4.0 through 7.4.2; 7.2.0 through 7.2.7; 7.0.0 through 7.0.14
Fortinet FortiClientLinux: 7.4.0 through 7.4.2; 7.2.0 through 7.2.7; 7.0.0 through 7.0.13
Fortinet FortiClientWindows: 7.4.0; 7.2.0 through 7.2.5; 7.0.0 through 7.0.13


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-50570",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-18T14:30:59.618705Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-312",
                "description": "CWE-312 Cleartext Storage of Sensitive Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T21:29:14.762Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [],
          "defaultStatus": "unaffected",
          "product": "FortiClientMac",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.4.2",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.7",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.14",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [],
          "defaultStatus": "unaffected",
          "product": "FortiClientLinux",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.4.2",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.7",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.13",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [],
          "defaultStatus": "unaffected",
          "product": "FortiClientWindows",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "lessThanOrEqual": "7.2.5",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.13",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve VPN password via memory dump, due to JavaScript\u0027s garbage collector"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N/E:F/RL:X/RC:X",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "Information disclosure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-18T12:44:38.644Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-278",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-278"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiClientLinux version 7.4.3 or above \nPlease upgrade to FortiClientLinux version 7.2.8 or above \nPlease upgrade to FortiClientLinux version 7.0.14 or above \nPlease upgrade to FortiClientWindows version 7.4.2 or above \nPlease upgrade to FortiClientWindows version 7.2.7 or above \nPlease upgrade to FortiClientWindows version 7.0.14 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-50570",
    "datePublished": "2024-12-18T12:44:38.644Z",
    "dateReserved": "2024-10-24T11:52:14.402Z",
    "dateUpdated": "2025-08-27T21:29:14.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52284 (GCVE-0-2024-52284)
Vulnerability from cvelistv5
Published
2025-09-02 11:49
Modified
2025-09-02 13:31
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets.
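Added example, not Rancher or Fleet code: it walks the Helm values carried inside a BundleDeployment and reports the paths of values that look like credentials (including the Kubernetes name/value env-var shape, where the secret sits under the neutral key `value`), and it evaluates RBAC rules to list the roles that can read `bundledeployments.fleet.cattle.io` and therefore those values. The BundleDeployment layout assumed here (`spec.options.helm.values`), the manifest and the roles are constructed for this example.

```python
"""Find cleartext credentials in a Fleet BundleDeployment and the roles that can read it.

Added example, not Rancher/Fleet code. The manifest, the roles and the
assumption that Helm values live at spec.options.helm.values are constructed.
"""
import re

# Key names that usually denote a credential (assumption; extend per environment).
SENSITIVE_KEY = re.compile(
    r"(?i)(password|passwd|secret|token|api[_-]?key|private[_-]?key|credential)"
)


def _is_scalar(value) -> bool:
    """Non-empty string or number (bool excluded) that could carry a secret."""
    return isinstance(value, (str, int, float)) and not isinstance(value, bool) and str(value) != ""


def find_secret_paths(node, path: str = "") -> list[str]:
    """Walk nested dicts/lists; return dotted paths of values that look like credentials.

    Two shapes are recognised: a sensitive key holding a non-empty scalar, and the
    env-var shape {"name": "API_TOKEN", "value": "..."} used in container specs.
    """
    hits: list[str] = []
    if isinstance(node, dict):
        name = node.get("name")
        if isinstance(name, str) and SENSITIVE_KEY.search(name) and _is_scalar(node.get("value")):
            hits.append(f"{path}.value")
        for key, value in node.items():
            child = f"{path}.{key}" if path else str(key)
            if SENSITIVE_KEY.search(str(key)) and _is_scalar(value):
                hits.append(child)
            else:
                hits.extend(find_secret_paths(value, child))
    elif isinstance(node, list):
        for index, value in enumerate(node):
            hits.extend(find_secret_paths(value, f"{path}[{index}]"))
    return hits


def audit_bundle_deployment(bd: dict) -> list[str]:
    """Report credential paths inside the Helm values carried by a BundleDeployment."""
    values = bd.get("spec", {}).get("options", {}).get("helm", {}).get("values", {})
    return find_secret_paths(values, "spec.options.helm.values")


def rule_grants_read(rule: dict, group: str = "fleet.cattle.io",
                     resource: str = "bundledeployments") -> bool:
    """True if a Kubernetes RBAC rule lets its holder read the given resource.

    The advisory names GET and LIST; WATCH is included too, since watch events
    carry the full object.
    """
    groups = rule.get("apiGroups", [])
    resources = rule.get("resources", [])
    verbs = set(rule.get("verbs", []))
    return (("*" in groups or group in groups)
            and ("*" in resources or resource in resources)
            and bool(verbs & {"*", "get", "list", "watch"}))


def roles_exposing_bundledeployments(roles: list[dict]) -> list[str]:
    """Names of (Cluster)Roles whose rules can read BundleDeployments."""
    return [role["metadata"]["name"] for role in roles
            if any(rule_grants_read(rule) for rule in role.get("rules", []))]


# Constructed BundleDeployment and roles; not real cluster objects.
SAMPLE_BUNDLE_DEPLOYMENT = {
    "apiVersion": "fleet.cattle.io/v1alpha1", "kind": "BundleDeployment",
    "metadata": {"name": "app-cluster-a", "namespace": "cluster-fleet-default-a"},
    "spec": {"options": {"helm": {"chart": "app", "values": {
        "image": {"repository": "registry.example/app", "tag": "1.4.2"},
        "database": {"host": "db.internal", "user": "app", "password": "Pr0d-Passw0rd!"},
        "extraEnv": [{"name": "API_TOKEN", "value": "tok_live_9f8e7d"}],
        "replicaCount": 3,
    }}}},
}
SAMPLE_ROLES = [
    {"kind": "ClusterRole", "metadata": {"name": "fleet-reader"}, "rules": [
        {"apiGroups": ["fleet.cattle.io"], "resources": ["bundles", "bundledeployments"],
         "verbs": ["get", "list", "watch"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "read-everything"}, "rules": [
        {"apiGroups": ["*"], "resources": ["*"], "verbs": ["get", "list"]}]},
    {"kind": "Role", "metadata": {"name": "app-deployer"}, "rules": [
        {"apiGroups": ["apps"], "resources": ["deployments"], "verbs": ["*"]}]},
]

if __name__ == "__main__":
    print("credential paths:", audit_bundle_deployment(SAMPLE_BUNDLE_DEPLOYMENT))
    print("roles that can read them:", roles_exposing_bundledeployments(SAMPLE_ROLES))
```

Run against real objects, replace the constructed dicts with the output of `kubectl get bundledeployments -A -o json` and `kubectl get clusterroles,roles -A -o json`; every path reported is a value that should be moved into a Secret referenced from the bundle rather than inlined, and every role listed is a read path to those values until the fixed Fleet version is deployed.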
Impacted products
SUSE Rancher (package github.com/rancher/fleet): 0.13.0 before 0.13.1-0.20250806151509-088bcbea7edb; 0.12.0 before 0.12.6; 0.11.0 before 0.11.10 (affected)


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-52284",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-02T13:31:45.987374Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-02T13:31:49.988Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "github.com/rancher/fleet",
          "product": "Rancher",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.13.1-0.20250806151509-088bcbea7edb",
              "status": "affected",
              "version": "0.13.0",
              "versionType": "semver"
            },
            {
              "lessThan": "0.12.6",
              "status": "affected",
              "version": "0.12.0",
              "versionType": "semver"
            },
            {
              "lessThan": "0.11.10",
              "status": "affected",
              "version": "0.11.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2025-08-29T12:31:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets."
            }
          ],
          "value": "Unauthorized disclosure of sensitive data: Any user with `GET` or `LIST` permissions on `BundleDeployment` resources could retrieve Helm values containing credentials or other secrets."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312: Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-02T11:50:55.874Z",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-52284"
        },
        {
          "url": "https://github.com/advisories/GHSA-6h9x-9j5v-7w9h"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Rancher Fleet Helm Values are stored inside BundleDeployment in plain text",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2024-52284",
    "datePublished": "2025-09-02T11:49:49.379Z",
    "dateReserved": "2024-11-06T12:19:57.723Z",
    "dateUpdated": "2025-09-02T13:31:49.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7259 (GCVE-0-2024-7259)
Vulnerability from cvelistv5
Published
2024-09-26 15:15
Modified
2025-07-30 15:51
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.
References
https://access.redhat.com/security/cve/CVE-2024-7259 (vdb-entry, x_refsource_REDHAT)
https://bugzilla.redhat.com/show_bug.cgi?id=2314229 (issue-tracking, x_refsource_REDHAT)
Impacted products
ovirt-engine (https://github.com/oVirt/ovirt-engine): all versions before 4.5.7 (affected)
Red Hat Virtualization 4 (cpe:/o:redhat:rhev_hypervisor:4), package ovirt-engine: affected


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7259",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T15:45:53.572941Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-26T15:50:53.467Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/oVirt/ovirt-engine",
          "defaultStatus": "unaffected",
          "packageName": "ovirt-engine",
          "versions": [
            {
              "lessThan": "4.5.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4"
          ],
          "defaultStatus": "affected",
          "packageName": "ovirt-engine",
          "product": "Red Hat Virtualization 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-09-26T15:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-30T15:51:46.722Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-7259"
        },
        {
          "name": "RHBZ#2314229",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314229"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-23T15:07:14.058000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-26T15:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Ovirt-engine: potential exposure of cleartext provider passwords via web ui",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-312: Cleartext Storage of Sensitive Information"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-7259",
    "datePublished": "2024-09-26T15:15:56.980Z",
    "dateReserved": "2024-07-30T01:00:27.812Z",
    "dateUpdated": "2025-07-30T15:51:46.722Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1499 (GCVE-0-2025-1499)
Vulnerability from cvelistv5
Published
2025-06-01 11:30
Modified
2025-08-26 14:54
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could be viewed by an authenticated user.
References
https://www.ibm.com/support/pages/node/7233154 (vendor-advisory, patch)
Impacted products
Vendor   Product                        Version
IBM      InfoSphere Information Server  11.7
    cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1499",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-02T03:16:31.714504Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-02T03:16:49.413Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "InfoSphere Information Server",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "11.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could be viewed by an authenticated user."
            }
          ],
          "value": "IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could be viewed by an authenticated user."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T14:54:42.793Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7233154"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "InfoSphere Information Server, InfoSphere Information Server on Cloud  11.7  DT423714 \u003cbr\u003e --Apply InfoSphere Information Server version 11.7.1.0 \u003cbr\u003e--Apply InfoSphere Information Server version 11.7.1.6\u003cbr\u003e--Apply InfoSphere DataStage security patch\u003cbr\u003e"
            }
          ],
          "value": "InfoSphere Information Server, InfoSphere Information Server on Cloud  11.7  DT423714 \n --Apply InfoSphere Information Server version 11.7.1.0 \n--Apply InfoSphere Information Server version 11.7.1.6\n--Apply InfoSphere DataStage security patch"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM InfoSphere Information Server information disclosure",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2025-1499",
    "datePublished": "2025-06-01T11:30:58.760Z",
    "dateReserved": "2025-02-20T15:32:19.936Z",
    "dateUpdated": "2025-08-26T14:54:42.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation

Phases: Implementation, System Configuration, Operation

Description:

  • When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation

Phases: Implementation, System Configuration, Operation

Description:

  • In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.
