CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-J724-GWG9-QJVW
Vulnerability from github – Published: 2022-12-13 18:30 – Updated: 2022-12-15 18:30The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation.
{
"affected": [],
"aliases": [
"CVE-2022-31697"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-13T16:15:00Z",
"severity": "MODERATE"
},
"details": "The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation.",
"id": "GHSA-j724-gwg9-qjvw",
"modified": "2022-12-15T18:30:18Z",
"published": "2022-12-13T18:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31697"
},
{
"type": "WEB",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-J8G4-MCWM-V999
Vulnerability from github – Published: 2026-03-10 18:31 – Updated: 2026-03-10 18:31The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user?initiated interaction, may allow modifications to occur without validation. Such changes could affect system behaviour during startup, resulting in a high impact on the application's confidentiality and integrity, with a low impact on availability.
{
"affected": [],
"aliases": [
"CVE-2026-24311"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-10T17:35:55Z",
"severity": "MODERATE"
},
"details": "The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user?initiated interaction, may allow modifications to occur without validation. Such changes could affect system behaviour during startup, resulting in a high impact on the application\u0027s confidentiality and integrity, with a low impact on availability.",
"id": "GHSA-j8g4-mcwm-v999",
"modified": "2026-03-10T18:31:16Z",
"published": "2026-03-10T18:31:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24311"
},
{
"type": "WEB",
"url": "https://me.sap.com/notes/3708457"
},
{
"type": "WEB",
"url": "https://url.sap/sapsecuritypatchday"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-J8XJ-8R3H-54X2
Vulnerability from github – Published: 2022-05-24 16:48 – Updated: 2022-10-11 19:00Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2019-5810"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-06-27T17:15:00Z",
"severity": "MODERATE"
},
"details": "Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
"id": "GHSA-j8xj-8r3h-54x2",
"modified": "2022-10-11T19:00:38Z",
"published": "2022-05-24T16:48:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5810"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html"
},
{
"type": "WEB",
"url": "https://crbug.com/916838"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/Aug/19"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201908-18"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4500"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-J933-CGHJ-HRPX
Vulnerability from github – Published: 2022-05-02 03:20 – Updated: 2025-04-09 04:06UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the database, which allows attackers to gain privileges. NOTE: this can be leveraged with a separate SQL injection vulnerability to obtain passwords remotely without authentication.
{
"affected": [],
"aliases": [
"CVE-2009-0964"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-03-19T10:30:00Z",
"severity": "MODERATE"
},
"details": "UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the database, which allows attackers to gain privileges. NOTE: this can be leveraged with a separate SQL injection vulnerability to obtain passwords remotely without authentication.",
"id": "GHSA-j933-cghj-hrpx",
"modified": "2025-04-09T04:06:40Z",
"published": "2022-05-02T03:20:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0964"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49279"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/8226"
},
{
"type": "WEB",
"url": "http://osvdb.org/52804"
},
{
"type": "WEB",
"url": "http://www.bugreport.ir/index_63.htm"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/501894/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/0750"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-J947-FH29-79V6
Vulnerability from github – Published: 2022-02-09 00:00 – Updated: 2026-07-05 03:30PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.
{
"affected": [],
"aliases": [
"CVE-2021-42642"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-02T18:15:00Z",
"severity": "HIGH"
},
"details": "PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.",
"id": "GHSA-j947-fh29-79v6",
"modified": "2026-07-05T03:30:44Z",
"published": "2022-02-09T00:00:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42642"
},
{
"type": "WEB",
"url": "https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints"
},
{
"type": "WEB",
"url": "https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html"
},
{
"type": "WEB",
"url": "https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss\u0026utm_medium=rss\u0026utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite"
},
{
"type": "WEB",
"url": "https://www.printerlogic.com/security-bulletin"
},
{
"type": "WEB",
"url": "https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite"
},
{
"type": "WEB",
"url": "https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert"
},
{
"type": "WEB",
"url": "http://printerlogic.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-J955-P84J-6JRR
Vulnerability from github – Published: 2026-01-26 12:30 – Updated: 2026-01-26 12:30With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and read, in order to gain SSH root access on the Linux-based K7 model. On the Windows CE based K5 model, the password for the Access Manager can additionally be read in plain text from the stored SQLite database.
{
"affected": [],
"aliases": [
"CVE-2025-59105"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-26T10:16:08Z",
"severity": "HIGH"
},
"details": "With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as \"/etc/passwd\", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and read, in order to gain SSH root access on the Linux-based K7 model. On the Windows CE based K5 model, the password for the Access Manager can additionally be read in plain text from the stored SQLite database.",
"id": "GHSA-j955-p84j-6jrr",
"modified": "2026-01-26T12:30:29Z",
"published": "2026-01-26T12:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59105"
},
{
"type": "WEB",
"url": "https://r.sec-consult.com/dkaccess"
},
{
"type": "WEB",
"url": "https://r.sec-consult.com/dormakaba"
},
{
"type": "WEB",
"url": "https://www.dormakabagroup.com/en/security-advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-J978-QG6W-8M3G
Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2023-08-02 00:30Rich Text Edit Control Information Disclosure Vulnerability
{
"affected": [],
"aliases": [
"CVE-2021-40454"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-13T01:15:00Z",
"severity": "MODERATE"
},
"details": "Rich Text Edit Control Information Disclosure Vulnerability",
"id": "GHSA-j978-qg6w-8m3g",
"modified": "2023-08-02T00:30:35Z",
"published": "2022-05-24T19:17:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40454"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-JCRF-QJQF-VJ89
Vulnerability from github – Published: 2022-05-24 17:47 – Updated: 2022-05-24 17:47An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator (LXCA) is used to perform the backup/restore. The backup/restore password typically exists in this internal log buffer for less than 10 minutes before being overwritten. Generating an FFDC service log will include the log buffer contents, including the backup/restore password if present. The FFDC service log is only generated when requested by a privileged XCC user and it is only accessible to the privileged XCC user that requested the file. The backup/restore password is not captured if the backup/restore is initiated directly from XCC.
{
"affected": [],
"aliases": [
"CVE-2021-3473"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-13T21:15:00Z",
"severity": "MODERATE"
},
"details": "An internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator (LXCA) is used to perform the backup/restore. The backup/restore password typically exists in this internal log buffer for less than 10 minutes before being overwritten. Generating an FFDC service log will include the log buffer contents, including the backup/restore password if present. The FFDC service log is only generated when requested by a privileged XCC user and it is only accessible to the privileged XCC user that requested the file. The backup/restore password is not captured if the backup/restore is initiated directly from XCC.",
"id": "GHSA-jcrf-qjqf-vj89",
"modified": "2022-05-24T17:47:31Z",
"published": "2022-05-24T17:47:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3473"
},
{
"type": "WEB",
"url": "https://support.lenovo.com/us/en/product_security/LEN-52117"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-JCWW-8CQJ-R3V2
Vulnerability from github – Published: 2024-04-26 21:31 – Updated: 2024-11-04 18:31Asus RT-N12+ B1 router stores user passwords in plaintext, which could allow local attackers to obtain unauthorized access and modify router settings.
{
"affected": [],
"aliases": [
"CVE-2024-28327"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-26T19:15:47Z",
"severity": "HIGH"
},
"details": "Asus RT-N12+ B1 router stores user passwords in plaintext, which could allow local attackers to obtain unauthorized access and modify router settings.",
"id": "GHSA-jcww-8cqj-r3v2",
"modified": "2024-11-04T18:31:17Z",
"published": "2024-04-26T21:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28327"
},
{
"type": "WEB",
"url": "https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Insecure-Credential-Storage-CVE%E2%80%902024%E2%80%9028327"
},
{
"type": "WEB",
"url": "http://asus.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-JF2M-25H5-XP3J
Vulnerability from github – Published: 2023-03-07 18:30 – Updated: 2023-03-14 21:30An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiAnalyzer versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4 and 6.4.0 through 6.4.10 may allow a remote authenticated attacker to read the client machine password in plain text in a heartbeat response when a log-fetch request is made from the FortiAnalyzer
{
"affected": [],
"aliases": [
"CVE-2023-23776"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-07T17:15:00Z",
"severity": "LOW"
},
"details": "An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiAnalyzer versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4 and 6.4.0 through 6.4.10 may allow a remote authenticated attacker to read the client machine password in plain text in a heartbeat response when a log-fetch request is made from the FortiAnalyzer",
"id": "GHSA-jf2m-25h5-xp3j",
"modified": "2023-03-14T21:30:22Z",
"published": "2023-03-07T18:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23776"
},
{
"type": "WEB",
"url": "https://fortiguard.com/psirt/FG-IR-22-447"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.