Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2023-04-12 CVE-2023-0005 Cleartext Storage of Sensitive Information vulnerability in Paloaltonetworks Pan-Os
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.
network
low complexity
paloaltonetworks CWE-312
4.9
2023-04-11 CVE-2023-26593 Cleartext Storage of Sensitive Information vulnerability in Yokogawa products
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information.
local
low complexity
yokogawa CWE-312
7.8
2023-04-03 CVE-2023-0614 Cleartext Storage of Sensitive Information vulnerability in Samba
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
network
low complexity
samba CWE-312
6.5
2023-03-29 CVE-2023-1683 Cleartext Storage of Sensitive Information vulnerability in Xunruicms 4.6.1
A vulnerability was found in Xunrui CMS 4.61 and classified as problematic.
network
low complexity
xunruicms CWE-312
7.5
2023-03-27 CVE-2023-25263 Cleartext Storage of Sensitive Information vulnerability in Stimulsoft Designer 2023.1.4/2023.1.5
In Stimulsoft Designer (Desktop) 2023.1.5, and 2023.1.4, once an attacker decompiles the Stimulsoft.report.dll the attacker is able to decrypt any connectionstring stored in .mrt files since a static secret is used.
local
low complexity
stimulsoft CWE-312
5.5
2023-03-23 CVE-2023-20059 Cleartext Storage of Sensitive Information vulnerability in Cisco DNA Center
A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text.
network
low complexity
cisco CWE-312
6.5
2023-03-22 CVE-2023-25596 Cleartext Storage of Sensitive Information vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format.
network
low complexity
arubanetworks CWE-312
4.9
2023-03-07 CVE-2023-23776 Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortianalyzer
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiAnalyzer versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4 and 6.4.0 through 6.4.10 may allow a remote authenticated attacker to read the client machine password in plain text in a heartbeat response when a log-fetch request is made from the FortiAnalyzer
network
high complexity
fortinet CWE-312
3.1
2023-03-01 CVE-2022-48310 Cleartext Storage of Sensitive Information vulnerability in Sophos Connect
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90.
local
low complexity
sophos CWE-312
5.5
2023-02-27 CVE-2023-26760 Cleartext Storage of Sensitive Information vulnerability in Smeup ERP Tokyov6R1M220406
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint.
network
low complexity
smeup CWE-312
7.5