Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-HMG4-2338-PM28

Vulnerability from github – Published: 2022-07-19 00:00 – Updated: 2022-07-24 00:00
VLAI
Details

Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-30626"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-07-18T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text.",
  "id": "GHSA-hmg4-2338-pm28",
  "modified": "2022-07-24T00:00:36Z",
  "published": "2022-07-19T00:00:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30626"
    },
    {
      "type": "WEB",
      "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HP3R-5R53-CGP6

Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2024-07-30 03:30
VLAI
Details

An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-11923"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-02T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in WiZ Colors A60 1.14.0. API credentials are locally logged.",
  "id": "GHSA-hp3r-5r53-cgp6",
  "modified": "2024-07-30T03:30:50Z",
  "published": "2022-05-24T17:46:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11923"
    },
    {
      "type": "WEB",
      "url": "https://www.eurofins-cybersecurity.com/news/connected-devices-wiz-smart-lightbulbs"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jul/14"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HPV3-F5P7-PXJ9

Vulnerability from github – Published: 2023-10-25 18:32 – Updated: 2023-11-02 21:21
VLAI
Summary
Jenkins lambdatest-automation Plugin may expose Credentials access token
Details

Jenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level.

This can result in accidental exposure of the token through the default system log.

lambdatest-automation Plugin 1.21.0 no longer logs LAMBDATEST Credentials access token.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:lambdatest-automation"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.21.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-46653"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-11-02T21:21:35Z",
    "nvd_published_at": "2023-10-25T18:17:40Z",
    "severity": "LOW"
  },
  "details": "Jenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level.\n\nThis can result in accidental exposure of the token through the default system log.\n\nlambdatest-automation Plugin 1.21.0 no longer logs LAMBDATEST Credentials access token.",
  "id": "GHSA-hpv3-f5p7-pxj9",
  "modified": "2023-11-02T21:21:35Z",
  "published": "2023-10-25T18:32:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46653"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2023-10-25/#SECURITY-3202"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/10/25/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins lambdatest-automation Plugin may expose Credentials access token"
}

GHSA-HQHX-GH2G-HC88

Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11
VLAI
Details

UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle attackers can discover visited URLs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-36473"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-14T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle attackers can discover visited URLs.",
  "id": "GHSA-hqhx-gh2g-hc88",
  "modified": "2022-05-24T19:11:10Z",
  "published": "2022-05-24T19:11:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36473"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@ciph3r/why-you-should-not-use-uc-browser-54558916d020"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-HQM4-P64V-22XM

Vulnerability from github – Published: 2023-07-20 18:33 – Updated: 2024-04-04 06:17
VLAI
Details

Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-32446"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-20T13:15:10Z",
    "severity": "MODERATE"
  },
  "details": "\nDell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could exploit this vulnerability to read sensitive information written to the log files.\n\n",
  "id": "GHSA-hqm4-p64v-22xm",
  "modified": "2024-04-04T06:17:43Z",
  "published": "2023-07-20T18:33:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32446"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000215864/dsa-2023-247"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HQQQ-FQ68-35HF

Vulnerability from github – Published: 2025-12-18 00:34 – Updated: 2025-12-18 00:34
VLAI
Details

A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/user_save.php of the component User Data Storage Module. This manipulation causes cleartext storage in a file or on disk. Remote exploitation of the attack is possible. The exploit has been published and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-14836"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-17T23:15:56Z",
    "severity": "MODERATE"
  },
  "details": "A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/user_save.php of the component User Data Storage Module. This manipulation causes cleartext storage in a file or on disk. Remote exploitation of the attack is possible. The exploit has been published and may be used.",
  "id": "GHSA-hqqq-fq68-35hf",
  "modified": "2025-12-18T00:34:08Z",
  "published": "2025-12-18T00:34:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14836"
    },
    {
      "type": "WEB",
      "url": "https://note-hxlab.wetolink.com/share/bu2KYevoyBm6"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.336986"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.336986"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.711654"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-HVX4-75HG-H9CR

Vulnerability from github – Published: 2022-05-24 19:19 – Updated: 2022-05-24 19:19
VLAI
Details

A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-25502"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-05T03:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge.",
  "id": "GHSA-hvx4-75hg-h9cr",
  "modified": "2022-05-24T19:19:52Z",
  "published": "2022-05-24T19:19:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25502"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=11"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-HW49-57P9-2MH2

Vulnerability from github – Published: 2022-04-21 01:54 – Updated: 2024-02-28 01:00
VLAI
Details

There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several "co-admins" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arbitrary files on the filesystem and therefore gain new privileges by reading the settings.php with the database passwords.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2009-5068"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-01-15T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several \"co-admins\" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arbitrary files on the filesystem and therefore gain new privileges by reading the settings.php with the database passwords.",
  "id": "GHSA-hw49-57p9-2mh2",
  "modified": "2024-02-28T01:00:26Z",
  "published": "2022-04-21T01:54:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-5068"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2013/02/01/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HWHC-W7RM-VH46

Vulnerability from github – Published: 2025-07-21 18:32 – Updated: 2025-08-07 15:33
VLAI
Details

In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchage_mode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security parameters.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-44649"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-21T17:15:37Z",
    "severity": "HIGH"
  },
  "details": "In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchage_mode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security parameters.",
  "id": "GHSA-hwhc-w7rm-vh46",
  "modified": "2025-08-07T15:33:08Z",
  "published": "2025-07-21T18:32:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-44649"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/TPCchecker/6d787c4916891f493b274b70abfad860"
    },
    {
      "type": "WEB",
      "url": "https://www.notion.so/CVE-2025-44649-24754a1113e780a4a1d1c4cd6d3ff345"
    },
    {
      "type": "WEB",
      "url": "http://tew-wlc100p.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HWHQ-R32M-F746

Vulnerability from github – Published: 2022-09-30 00:00 – Updated: 2022-09-30 00:00
VLAI
Details

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-15325"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-29T03:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication.",
  "id": "GHSA-hwhq-r32m-f746",
  "modified": "2022-09-30T00:00:33Z",
  "published": "2022-09-30T00:00:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15325"
    },
    {
      "type": "WEB",
      "url": "https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html"
    },
    {
      "type": "WEB",
      "url": "https://www.zyxel.com/support/vulnerabilities-of-CloudCNM-SecuManager.shtml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.