Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-74F7-FGMV-4C5M

Vulnerability from github – Published: 2023-01-31 00:30 – Updated: 2023-02-08 15:30
VLAI
Details

On Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server settings and can obtain the stored cleartext credentials associated with those settings.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-45897"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-31T00:15:00Z",
    "severity": "MODERATE"
  },
  "details": "On Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server settings and can obtain the stored cleartext credentials associated with those settings.",
  "id": "GHSA-74f7-fgmv-4c5m",
  "modified": "2023-02-08T15:30:32Z",
  "published": "2023-01-31T00:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45897"
    },
    {
      "type": "WEB",
      "url": "https://Xerox.com"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/waffl3ss/eb61d38b5c44131d3586578002c63640#file-cve-2022-45897"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-752M-78X6-Q552

Vulnerability from github – Published: 2025-08-13 18:31 – Updated: 2025-08-13 18:31
VLAI
Details

A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud can result in the cleartext exposure of Prisma Cloud access keys in Checkov's output.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2181"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-13T17:15:27Z",
    "severity": "MODERATE"
  },
  "details": "A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of\u00a0Prisma Cloud access keys in Checkov\u0027s output.",
  "id": "GHSA-752m-78x6-q552",
  "modified": "2025-08-13T18:31:24Z",
  "published": "2025-08-13T18:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2181"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2025-2181"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-757G-M98V-6R49

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2023-10-27 15:43
VLAI
Summary
Jenkins Sofy.AI Plugin stores API token in plain text
Details

Jenkins Sofy.AI Plugin stores an API token unencrypted in job config.xml files on the Jenkins controller. This token can be viewed by users with Extended Read permission or access to the Jenkins controller file system.

As of publication of this advisory there is no fix.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.jenkins.plugins:sofy-ai"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-10447"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-10-27T15:43:23Z",
    "nvd_published_at": "2019-10-16T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins Sofy.AI Plugin stores an API token unencrypted in job config.xml files on the Jenkins controller. This token can be viewed by users with Extended Read permission or access to the Jenkins controller file system.\n\nAs of publication of this advisory there is no fix.",
  "id": "GHSA-757g-m98v-6r49",
  "modified": "2023-10-27T15:43:23Z",
  "published": "2022-05-24T16:58:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10447"
    },
    {
      "type": "WEB",
      "url": "https://jenkins.io/security/advisory/2019-10-16/#SECURITY-1431"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/10/16/6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins Sofy.AI Plugin stores API token in plain text "
}

GHSA-75RP-WJF6-546R

Vulnerability from github – Published: 2025-08-13 18:31 – Updated: 2025-08-13 18:31
VLAI
Details

A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in the cleartext exposure of the connectivity association key (CAK). This issue is only applicable to PA-7500 Series devices which are in an NGFW cluster. A user who possesses this key can read messages being sent between devices in a NGFW Cluster. There is no impact in non-clustered firewalls or clusters of firewalls that do not enable MACsec.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2182"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-13T17:15:27Z",
    "severity": "MODERATE"
  },
  "details": "A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS\u00ae results in the cleartext exposure of the connectivity association key (CAK). This issue is only applicable to PA-7500 Series devices which are in an NGFW cluster.\nA user who possesses this key can read messages being sent between devices in a NGFW Cluster. There is no impact in non-clustered firewalls or clusters of firewalls that do not enable MACsec.",
  "id": "GHSA-75rp-wjf6-546r",
  "modified": "2025-08-13T18:31:24Z",
  "published": "2025-08-13T18:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2182"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2025-2182"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-75XC-P7X5-2RWX

Vulnerability from github – Published: 2022-05-24 17:37 – Updated: 2022-05-24 17:37
VLAI
Details

GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-23249"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-05T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.",
  "id": "GHSA-75xc-p7x5-2rwx",
  "modified": "2022-05-24T17:37:59Z",
  "published": "2022-05-24T17:37:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-23249"
    },
    {
      "type": "WEB",
      "url": "https://community.gigamon.com/gigamoncp/s/article/Field-Notice-Gigamon-addressing-multiple-vulnerabilities-in-GigaVUE-OS"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-7674-88WR-2FM6

Vulnerability from github – Published: 2022-05-24 17:42 – Updated: 2022-05-24 17:42
VLAI
Details

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext cryptographic key. IBM X-Force ID: 198187.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-20408"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-12T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext cryptographic key. IBM X-Force ID: 198187.",
  "id": "GHSA-7674-88wr-2fm6",
  "modified": "2022-05-24T17:42:03Z",
  "published": "2022-05-24T17:42:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20408"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196187"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6414767"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-778X-386C-73GW

Vulnerability from github – Published: 2021-12-30 00:00 – Updated: 2022-01-08 00:00
VLAI
Details

A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-35035"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-29T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file.",
  "id": "GHSA-778x-386c-73gw",
  "modified": "2022-01-08T00:00:41Z",
  "published": "2021-12-30T00:00:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35035"
    },
    {
      "type": "WEB",
      "url": "https://www.zyxel.com/support/Zyxel_security_advisory_for_sensitive_information_vulnerabilities_of_NBG6604_home_router.shtml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-785W-M3XW-JFP8

Vulnerability from github – Published: 2022-05-24 17:02 – Updated: 2024-04-04 02:40
VLAI
Details

An attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Tower license.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-14890"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-11-26T07:15:00Z",
    "severity": "HIGH"
  },
  "details": "An attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at \u0027/api/v2/config\u0027 when applying the Ansible Tower license.",
  "id": "GHSA-785w-m3xw-jfp8",
  "modified": "2024-04-04T02:40:46Z",
  "published": "2022-05-24T17:02:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14890"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14890"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-796M-4RJR-9MVW

Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2022-05-24 17:35
VLAI
Details

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-4738"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-10T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753.",
  "id": "GHSA-796m-4rjr-9mvw",
  "modified": "2022-05-24T17:35:59Z",
  "published": "2022-05-24T17:35:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-4738"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172753"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6380390"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-7CP5-XC65-XX7H

Vulnerability from github – Published: 2023-06-15 03:30 – Updated: 2024-04-04 04:51
VLAI
Details

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 228567.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-33159"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-15T02:15:09Z",
    "severity": "MODERATE"
  },
  "details": "IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 stores user credentials in plain clear text which can be read by an authenticated user.  IBM X-Force ID:  228567.",
  "id": "GHSA-7cp5-xc65-xx7h",
  "modified": "2024-04-04T04:51:34Z",
  "published": "2023-06-15T03:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33159"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228567"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7001693"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.