CWE-313
AllowedCleartext Storage in a File or on Disk
Abstraction: Variant · Status: Draft
The product stores sensitive information in cleartext in a file, or on disk.
49 vulnerabilities reference this CWE, most recent first.
GHSA-3W2C-34CM-PFVC
Vulnerability from github – Published: 2023-05-24 12:30 – Updated: 2023-05-24 12:30A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229819.
{
"affected": [],
"aliases": [
"CVE-2023-2863"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-24T10:15:09Z",
"severity": "LOW"
},
"details": "A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229819.",
"id": "GHSA-3w2c-34cm-pfvc",
"modified": "2023-05-24T12:30:17Z",
"published": "2023-05-24T12:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2863"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.229819"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.229819"
},
{
"type": "WEB",
"url": "https://www.youtube.com/watch?v=V0u9C5RVSic"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-42WF-QRFC-C5M5
Vulnerability from github – Published: 2022-05-24 17:10 – Updated: 2024-01-09 12:30A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The FTP service of the SiNVR 3 Central Control Server (CCS) maintains a log file that stores login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.
{
"affected": [],
"aliases": [
"CVE-2019-19291"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-03-10T20:15:00Z",
"severity": "LOW"
},
"details": "A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The FTP service of the SiNVR 3 Central Control Server (CCS) maintains a log file that stores login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service.",
"id": "GHSA-42wf-qrfc-c5m5",
"modified": "2024-01-09T12:30:35Z",
"published": "2022-05-24T17:10:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19291"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6V48-P2G5-G5G2
Vulnerability from github – Published: 2024-09-12 15:33 – Updated: 2024-10-31 21:31No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior.
{
"affected": [],
"aliases": [
"CVE-2024-40457"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-12T14:16:06Z",
"severity": "CRITICAL"
},
"details": "No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor\u0027s position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior.",
"id": "GHSA-6v48-p2g5-g5g2",
"modified": "2024-10-31T21:31:44Z",
"published": "2024-09-12T15:33:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40457"
},
{
"type": "WEB",
"url": "https://github.com/jeppojeps/CVE-2024-40457-PoC"
},
{
"type": "WEB",
"url": "https://www.noip.com/support/knowledgebase/install-linux-3-x-dynamic-update-client-duc"
},
{
"type": "WEB",
"url": "https://www.noip.com/support/knowledgebase/running-linux-duc-v3-0-startup-2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8HGR-RP5M-J4MG
Vulnerability from github – Published: 2024-09-21 06:30 – Updated: 2024-09-26 09:31The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.
{
"affected": [],
"aliases": [
"CVE-2024-6785"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-21T05:15:11Z",
"severity": "MODERATE"
},
"details": "The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.",
"id": "GHSA-8hgr-rp5m-j4mg",
"modified": "2024-09-26T09:31:41Z",
"published": "2024-09-21T06:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6785"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-05"
},
{
"type": "WEB",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9CRG-J5Q8-HWV3
Vulnerability from github – Published: 2026-01-07 21:31 – Updated: 2026-01-07 21:31MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal.
{
"affected": [],
"aliases": [
"CVE-2025-64305"
],
"database_specific": {
"cwe_ids": [
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-07T21:15:58Z",
"severity": "HIGH"
},
"details": "MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal.",
"id": "GHSA-9crg-j5q8-hwv3",
"modified": "2026-01-07T21:31:56Z",
"published": "2026-01-07T21:31:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64305"
},
{
"type": "WEB",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-006-01.json"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-006-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9JPJ-CPH8-W449
Vulnerability from github – Published: 2026-04-20 06:31 – Updated: 2026-04-24 20:35A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument auth_settings leads to cleartext storage in a file or on disk. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "langflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-6598"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-24T20:35:01Z",
"nvd_published_at": "2026-04-20T04:16:52Z",
"severity": "LOW"
},
"details": "A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py of the component Project Creation Endpoint. Such manipulation of the argument auth_settings leads to cleartext storage in a file or on disk. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-9jpj-cph8-w449",
"modified": "2026-04-24T20:35:01Z",
"published": "2026-04-20T06:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6598"
},
{
"type": "WEB",
"url": "https://github.com/langflow-ai/langflow/commit/45325f6376309a91f5017fa033a96c09c7e295e3"
},
{
"type": "WEB",
"url": "https://gist.github.com/chenhouser2025/77adb3486c06c635ae4b09a3eaf90213"
},
{
"type": "PACKAGE",
"url": "https://github.com/langflow-ai/langflow"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/791921"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/358233"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/358233/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "Langflow: Cleartext Storage of Authentication Settings in Project Creation Endpoint"
}
GHSA-C479-WQ8G-57HR
Vulnerability from github – Published: 2024-10-24 19:07 – Updated: 2024-10-25 16:47Impact
When a user disables two-factor authentication via the Panel, a DELETE request with their current password in a query parameter will be sent. While query parameters are encrypted when using TLS, many webservers (including ones officially documented for use with Pterodactyl) will log query parameters in plain-text, storing a user's password in plain text.
If a malicious user obtains access to these logs they could potentially authenticate against a user's account; assuming they are able to discover the account's email address or username separately.
Patches
This problem has been patched by https://github.com/pterodactyl/panel/commit/8be2b892c3940bdc0157ccdab16685a72d105dd1 on the 1.0-develop branch and released under v1.11.8 as a single commit on top of v1.11.7 https://github.com/pterodactyl/panel/commit/75b59080e2812ced677dab516222b2a3bb34e3a4
Patch file: https://github.com/pterodactyl/panel/commit/8be2b892c3940bdc0157ccdab16685a72d105dd1.patch
Workarounds
There are no workarounds at this time. There is not a direct vulnerability within the software as it relates to logs generated by intermediate components such as webservers or Layer 7 proxies.
Updating to v1.11.8 or adding the linked patch manually are the only ways to avoid this problem.
User Notice
As this vulnerability relates to historical logging of sensitive data, users who have ever disabled 2FA on a Panel (self-hosted or operated by a company) should change their passwords and consider enabling 2FA if it was left disabled. While it's unlikely that your account will be compromised by this vulnerability, it's not impossible.
Panel administrators should consider clearing any access logs that may contain sensitive data, for Panels using NGINX, the access log is located at /var/log/nginx/pterodactyl.app-access.log.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "pterodactyl/panel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.11.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-49762"
],
"database_specific": {
"cwe_ids": [
"CWE-313"
],
"github_reviewed": true,
"github_reviewed_at": "2024-10-24T19:07:03Z",
"nvd_published_at": "2024-10-24T22:15:04Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nWhen a user disables two-factor authentication via the Panel, a `DELETE` request with their current password in a query parameter will be sent. While query parameters are encrypted when using TLS, many webservers (including ones officially documented for use with Pterodactyl) will log query parameters in plain-text, storing a user\u0027s password in plain text.\n\nIf a malicious user obtains access to these logs they could *potentially* authenticate against a user\u0027s account; assuming they are able to discover the account\u0027s email address or username **separately**.\n\n### Patches\n\nThis problem has been patched by \u003chttps://github.com/pterodactyl/panel/commit/8be2b892c3940bdc0157ccdab16685a72d105dd1\u003e on the `1.0-develop` branch and released under `v1.11.8` as a single commit on top of `v1.11.7` \u003chttps://github.com/pterodactyl/panel/commit/75b59080e2812ced677dab516222b2a3bb34e3a4\u003e\n\nPatch file: \u003chttps://github.com/pterodactyl/panel/commit/8be2b892c3940bdc0157ccdab16685a72d105dd1.patch\u003e\n\n### Workarounds\n\nThere are no workarounds at this time. There is not a direct vulnerability within the software as it relates to logs generated by intermediate components such as webservers or Layer 7 proxies.\n\nUpdating to `v1.11.8` or adding the linked patch manually are the only ways to avoid this problem.\n\n### User Notice\n\nAs this vulnerability relates to historical logging of sensitive data, users who have ever disabled 2FA on a Panel (self-hosted or operated by a company) should change their passwords and consider enabling 2FA if it was left disabled. While it\u0027s unlikely that your account will be compromised by this vulnerability, it\u0027s not impossible.\n\nPanel administrators should consider clearing any access logs that may contain sensitive data, for Panels using NGINX, the access log is located at `/var/log/nginx/pterodactyl.app-access.log`.",
"id": "GHSA-c479-wq8g-57hr",
"modified": "2024-10-25T16:47:19Z",
"published": "2024-10-24T19:07:03Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pterodactyl/panel/security/advisories/GHSA-c479-wq8g-57hr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49762"
},
{
"type": "WEB",
"url": "https://github.com/pterodactyl/panel/commit/75b59080e2812ced677dab516222b2a3bb34e3a4"
},
{
"type": "WEB",
"url": "https://github.com/pterodactyl/panel/commit/8be2b892c3940bdc0157ccdab16685a72d105dd1"
},
{
"type": "PACKAGE",
"url": "https://github.com/pterodactyl/panel"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Pterodactyl Panel has plain-text logging of user passwords when two-factor authentication is disabled"
}
GHSA-CVJP-23HX-635R
Vulnerability from github – Published: 2024-08-14 18:32 – Updated: 2024-08-20 21:30An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems.
{
"affected": [],
"aliases": [
"CVE-2024-5916"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-14T17:15:18Z",
"severity": "MODERATE"
},
"details": "An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems.",
"id": "GHSA-cvjp-23hx-635r",
"modified": "2024-08-20T21:30:31Z",
"published": "2024-08-14T18:32:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5916"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2024-5916"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Amber",
"type": "CVSS_V4"
}
]
}
GHSA-F8V9-5H44-4GRJ
Vulnerability from github – Published: 2026-05-07 18:30 – Updated: 2026-05-07 18:30Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data.
{
"affected": [],
"aliases": [
"CVE-2025-4397"
],
"database_specific": {
"cwe_ids": [
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-07T16:16:17Z",
"severity": "MODERATE"
},
"details": "Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data.",
"id": "GHSA-f8v9-5h44-4grj",
"modified": "2026-05-07T18:30:39Z",
"published": "2026-05-07T18:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4397"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-219-01"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
},
{
"type": "WEB",
"url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-8-7-18.html"
},
{
"type": "WEB",
"url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-FQ7J-MJ26-W42X
Vulnerability from github – Published: 2023-07-10 18:30 – Updated: 2026-06-01 15:30Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.
{
"affected": [],
"aliases": [
"CVE-2023-35699"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-313"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-07-10T16:15:52Z",
"severity": "MODERATE"
},
"details": "Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.",
"id": "GHSA-fq7j-mj26-w42x",
"modified": "2026-06-01T15:30:31Z",
"published": "2023-07-10T18:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35699"
},
{
"type": "WEB",
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
},
{
"type": "WEB",
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
},
{
"type": "WEB",
"url": "https://sick.com/psirt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.