Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-CMWC-RX53-QX3H

Vulnerability from github – Published: 2024-09-30 21:02 – Updated: 2024-10-01 00:33
VLAI
Details

An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic files (exported by the @CT application) allows an attacker to achieve loss of confidentiality by analyzing these files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-28810"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-30T19:15:03Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic files (exported by the @CT application) allows an attacker to achieve loss of confidentiality by analyzing these files.",
  "id": "GHSA-cmwc-rx53-qx3h",
  "modified": "2024-10-01T00:33:40Z",
  "published": "2024-09-30T21:02:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28810"
    },
    {
      "type": "WEB",
      "url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28810"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CP2C-JPV3-3R5R

Vulnerability from github – Published: 2026-04-10 00:30 – Updated: 2026-04-10 00:30
VLAI
Details

OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive authentication information from URL userinfo components.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-35644"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-09T22:16:33Z",
    "severity": "HIGH"
  },
  "details": "OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive authentication information from URL userinfo components.",
  "id": "GHSA-cp2c-jpv3-3r5r",
  "modified": "2026-04-10T00:30:30Z",
  "published": "2026-04-10T00:30:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-ppwq-6v66-5m6j"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35644"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/630f1479c44f78484dfa21bb407cbe6f171dac87"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/f0202264d0de7ad345382b9008c5963bcefb01b7"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-credential-exposure-via-baseurl-fields-in-gateway-snapshots"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CPHW-5RRJ-WRRH

Vulnerability from github – Published: 2025-09-30 18:30 – Updated: 2025-09-30 18:30
VLAI
Details

NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to information disclosure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-23291"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-30T18:15:49Z",
    "severity": "LOW"
  },
  "details": "NVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an User/Attacker may cause an authorized action. A successful exploit of this vulnerability may lead to information disclosure.",
  "id": "GHSA-cphw-5rrj-wrrh",
  "modified": "2025-09-30T18:30:25Z",
  "published": "2025-09-30T18:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23291"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5705"
    },
    {
      "type": "WEB",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23291"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CPM5-CQR9-7P79

Vulnerability from github – Published: 2022-09-22 00:00 – Updated: 2022-12-09 20:01
VLAI
Summary
Jenkins BigPanda Notifier Plugin Missing Password Field Masking
Details

BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file BigpandaGlobalNotifier.xml on the Jenkins controller as part of its configuration.

This API key can be viewed by users with access to the Jenkins controller file system.

Additionally, the global configuration form does not mask the API key, increasing the potential for attackers to observe and capture it.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:bigpanda-jenkins"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-41248"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-549"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-23T13:18:08Z",
    "nvd_published_at": "2022-09-21T16:15:00Z",
    "severity": "LOW"
  },
  "details": "BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file `BigpandaGlobalNotifier.xml` on the Jenkins controller as part of its configuration.\n\nThis API key can be viewed by users with access to the Jenkins controller file system.\n\nAdditionally, the global configuration form does not mask the API key, increasing the potential for attackers to observe and capture it.",
  "id": "GHSA-cpm5-cqr9-7p79",
  "modified": "2022-12-09T20:01:45Z",
  "published": "2022-09-22T00:00:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41248"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/bigpanda-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2243"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/09/21/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins BigPanda Notifier Plugin Missing Password Field Masking"
}

GHSA-CQ4P-VP5Q-4522

Vulnerability from github – Published: 2023-01-25 19:36 – Updated: 2023-02-15 18:40
VLAI
Summary
Plaintext storage of sensitive data in Rancher API and cluster.management.cattle.io objects
Details

Impact

This issue affects Rancher versions from 2.5.0 up to and including 2.5.16, from 2.6.0 up to and including 2.6.9 and 2.7.0. It was discovered that the security advisory CVE-2021-36782 (GHSA-g7j7-h4q8-8w2f), previously released by Rancher, missed addressing some sensitive fields, secret tokens, encryption keys, and SSH keys that were still being stored in plaintext directly on Kubernetes objects like Clusters.

The exposed credentials are visible in Rancher to authenticated Cluster Owners, Cluster Members, Project Owners and Project Members of that cluster on the endpoints:

  • /v1/management.cattle.io.cluster
  • /v1/management.cattle.io.clustertemplaterevisions

The remaining sensitive fields are now stripped from Clusters and other objects and moved to a Secret before the object is stored. The Secret is retrieved when the credential is needed. For objects that existed before this security fix, a one-time migration happens on startup.

The fields that have been addressed by this security fix are:

  • Cluster.Spec.RancherKubernetesEngineConfig.Services.KubeAPI.SecretsEncryptionConfig.CustomConfig.Providers[].AESGCM.Keys[].Secret
  • Cluster.Spec.RancherKubernetesEngineConfig.Services.KubeAPI.SecretsEncryptionConfig.CustomConfig.Providers[].AESCBC.Keys[].Secret
  • Cluster.Spec.RancherKubernetesEngineConfig.Services.KubeAPI.SecretsEncryptionConfig.CustomConfig.Providers[].SecretboxConfiguration.Keys[].Secret
  • Cluster.Spec.RancherKubernetesEngineConfig.Services.Kubelet.ExtraEnv when containing the AWS_SECRET_ACCESS_KEY environment variable
  • Cluster.Spec.RancherKubernetesEngineConfig.BastionHost.SSHKey
  • Cluster.Spec.RancherKubernetesEngineConfig.PrivateRegistries[].ECRCredentialPlugin.AwsSecretAccessKey
  • Cluster.Spec.RancherKubernetesEngineConfig.PrivateRegistries[].ECRCredentialPlugin.AwsSessionToken
  • Cluster.Spec.RancherKubernetesEngineConfig.Network.AciNetworkProvider.ApicUserKey
  • Cluster.Spec.RancherKubernetesEngineConfig.Network.AciNetworkProvider.KafkaClientKey
  • Cluster.Spec.RancherKubernetesEngineConfig.Network.AciNetworkProvider.Token

Important:

  • For the exposure of credentials not related to Rancher, the final impact severity for confidentiality, integrity and availability is dependent on the permissions the leaked credentials have on their services.

  • It is recommended to review for potentially leaked credentials in this scenario and to change them if deemed necessary.

Workarounds

There is no direct mitigation besides updating Rancher to a patched version.

Patches

Patched versions include releases 2.5.17, 2.6.10, 2.7.1 and later versions.

After upgrading to a patched version, it is important to check for the ACISecretsMigrated and RKESecretsMigrated conditions on Clusters and ClusterTemplateRevisions to confirm when secrets have been fully migrated off of those objects, and the objects scoped within them.

For more information

If you have any questions or comments about this advisory:

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/rancher/rancher"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/rancher/rancher"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.6.0"
            },
            {
              "fixed": "2.6.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/rancher/rancher"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-43757"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-256",
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-01-25T19:36:57Z",
    "nvd_published_at": "2023-02-07T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nThis issue affects Rancher versions from 2.5.0 up to and including 2.5.16, from 2.6.0 up to and including 2.6.9 and 2.7.0. It was discovered that the security advisory CVE-2021-36782 (GHSA-g7j7-h4q8-8w2f), previously released by Rancher, missed addressing some sensitive fields, secret tokens, encryption keys, and SSH keys that were still being stored in plaintext directly on Kubernetes objects like `Clusters`.\n\nThe exposed credentials are visible in Rancher to authenticated `Cluster Owners`, `Cluster Members`, `Project Owners` and `Project Members` of that cluster on the endpoints:\n\n- `/v1/management.cattle.io.cluster`\n- `/v1/management.cattle.io.clustertemplaterevisions`\n\nThe remaining sensitive fields are now stripped from `Clusters` and other objects and moved to a `Secret` before the object is stored. The `Secret` is retrieved when the credential is needed. For objects that existed before this security fix, a one-time migration happens on startup.\n\nThe fields that have been addressed by this security fix are:\n\n- `Cluster.Spec.RancherKubernetesEngineConfig.Services.KubeAPI.SecretsEncryptionConfig.CustomConfig.Providers[].AESGCM.Keys[].Secret`\n- `Cluster.Spec.RancherKubernetesEngineConfig.Services.KubeAPI.SecretsEncryptionConfig.CustomConfig.Providers[].AESCBC.Keys[].Secret`\n- `Cluster.Spec.RancherKubernetesEngineConfig.Services.KubeAPI.SecretsEncryptionConfig.CustomConfig.Providers[].SecretboxConfiguration.Keys[].Secret`\n- `Cluster.Spec.RancherKubernetesEngineConfig.Services.Kubelet.ExtraEnv` when containing the `AWS_SECRET_ACCESS_KEY` environment variable\n- `Cluster.Spec.RancherKubernetesEngineConfig.BastionHost.SSHKey`\n- `Cluster.Spec.RancherKubernetesEngineConfig.PrivateRegistries[].ECRCredentialPlugin.AwsSecretAccessKey`\n- `Cluster.Spec.RancherKubernetesEngineConfig.PrivateRegistries[].ECRCredentialPlugin.AwsSessionToken`\n- `Cluster.Spec.RancherKubernetesEngineConfig.Network.AciNetworkProvider.ApicUserKey`\n- `Cluster.Spec.RancherKubernetesEngineConfig.Network.AciNetworkProvider.KafkaClientKey`\n- `Cluster.Spec.RancherKubernetesEngineConfig.Network.AciNetworkProvider.Token`\n\n**Important:**\n\n- For the exposure of credentials not related to Rancher, the final impact severity for confidentiality, integrity and availability is dependent on the permissions the leaked credentials have on their services.\n\n- It is recommended to review for potentially leaked credentials in this scenario and to change them if deemed necessary.\n\n### Workarounds\n\nThere is no direct mitigation besides updating Rancher to a patched version.\n\n### Patches\n\nPatched versions include releases 2.5.17, 2.6.10, 2.7.1 and later versions.\n\nAfter upgrading to a patched version, it is important to check for the `ACISecretsMigrated` and `RKESecretsMigrated` conditions on `Clusters` and `ClusterTemplateRevisions` to confirm when secrets have been fully migrated off of those objects, and the objects scoped within them.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Reach out to [SUSE Rancher Security team](https://github.com/rancher/rancher/security/policy) for security related inquiries.\n* Open an issue in [Rancher](https://github.com/rancher/rancher/issues/new/choose) repository.\n* Verify our [support matrix](https://www.suse.com/suse-rancher/support-matrix/all-supported-versions/) and [product support lifecycle](https://www.suse.com/lifecycle/).",
  "id": "GHSA-cq4p-vp5q-4522",
  "modified": "2023-02-15T18:40:09Z",
  "published": "2023-01-25T19:36:57Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rancher/rancher/security/advisories/GHSA-cq4p-vp5q-4522"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43757"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1205295"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rancher/rancher"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Plaintext storage of sensitive data in Rancher API and cluster.management.cattle.io objects"
}

GHSA-CQPF-HJ5R-9893

Vulnerability from github – Published: 2022-05-17 05:36 – Updated: 2025-10-22 03:30
VLAI
Details

The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2011-4723"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-12-20T11:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.",
  "id": "GHSA-cqpf-hj5r-9893",
  "modified": "2025-10-22T03:30:29Z",
  "published": "2022-05-17T05:36:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4723"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-4723"
    },
    {
      "type": "WEB",
      "url": "http://en.securitylab.ru/lab/PT-2011-30"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CQVR-P82R-76M9

Vulnerability from github – Published: 2022-09-02 00:01 – Updated: 2022-09-08 00:00
VLAI
Details

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-2739"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-01T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.",
  "id": "GHSA-cqvr-p82r-76m9",
  "modified": "2022-09-08T00:00:29Z",
  "published": "2022-09-02T00:01:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2739"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2022:6119"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2022-2739"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116927"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CR32-VQ7C-R25J

Vulnerability from github – Published: 2023-09-27 15:30 – Updated: 2024-04-04 07:51
VLAI
Details

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4, including 8.3.x.x, saves passwords of the Hadoop Copy Files step in plaintext. 

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-2358"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-257",
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-27T15:18:50Z",
    "severity": "MODERATE"
  },
  "details": "\nHitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4, including 8.3.x.x, saves passwords of the Hadoop Copy Files step in plaintext.\u00a0\n\n",
  "id": "GHSA-cr32-vq7c-r25j",
  "modified": "2024-04-04T07:51:34Z",
  "published": "2023-09-27T15:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2358"
    },
    {
      "type": "WEB",
      "url": "https://support.pentaho.com/hc/en-us/articles/19668208622221"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-CRFW-8VVM-PM25

Vulnerability from github – Published: 2026-04-21 21:31 – Updated: 2026-04-21 21:31
VLAI
Details

A vulnerability was determined in Sanluan PublicCMS up to 6.202506.d. Affected is the function log_login of the file core/src/main/java/com/publiccms/controller/admin/LoginAdminController.java of the component Failed Login Handler. This manipulation of the argument errorPassword causes cleartext storage in a file or on disk. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-6796"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-21T21:16:48Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was determined in Sanluan PublicCMS up to 6.202506.d. Affected is the function log_login of the file core/src/main/java/com/publiccms/controller/admin/LoginAdminController.java of the component Failed Login Handler. This manipulation of the argument errorPassword causes cleartext storage in a file or on disk. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-crfw-8vvm-pm25",
  "modified": "2026-04-21T21:31:28Z",
  "published": "2026-04-21T21:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6796"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/794797"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/358490"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/358490/cti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-CV78-F6R2-G223

Vulnerability from github – Published: 2022-05-01 02:06 – Updated: 2024-02-13 18:38
VLAI
Details

Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext in capturixss_cfg.ini, which is readable by local users.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2005-2209"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-07-11T04:00:00Z",
    "severity": "LOW"
  },
  "details": "Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext in capturixss_cfg.ini, which is readable by local users.",
  "id": "GHSA-cv78-f6r2-g223",
  "modified": "2024-02-13T18:38:20Z",
  "published": "2022-05-01T02:06:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2209"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/15995"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1014409"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.