Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-12 | CVE-2023-30531 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Consul KV Builder 2.0.13 Jenkins Consul KV Builder Plugin 2.0.13 and earlier does not mask the HashiCorp Consul ACL Token on the global configuration form, increasing the potential for attackers to observe and capture it. | 6.5 |
| 2023-04-12 | CVE-2023-0005 | Cleartext Storage of Sensitive Information vulnerability in Paloaltonetworks Pan-Os A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys. | 4.9 |
| 2023-04-11 | CVE-2023-26593 | Cleartext Storage of Sensitive Information vulnerability in Yokogawa products CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. | 7.8 |
| 2023-04-03 | CVE-2023-0614 | Cleartext Storage of Sensitive Information vulnerability in Samba The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC. | 6.5 |
| 2023-03-29 | CVE-2023-1683 | Cleartext Storage of Sensitive Information vulnerability in Xunruicms 4.6.1 A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. | 7.5 |
| 2023-03-27 | CVE-2023-25263 | Cleartext Storage of Sensitive Information vulnerability in Stimulsoft Designer 2023.1.4/2023.1.5 In Stimulsoft Designer (Desktop) 2023.1.5, and 2023.1.4, once an attacker decompiles the Stimulsoft.report.dll the attacker is able to decrypt any connectionstring stored in .mrt files since a static secret is used. | 5.5 |
| 2023-03-23 | CVE-2023-20059 | Cleartext Storage of Sensitive Information vulnerability in Cisco DNA Center A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text. | 6.5 |
| 2023-03-22 | CVE-2023-25596 | Cleartext Storage of Sensitive Information vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. | 4.9 |
| 2023-03-07 | CVE-2023-23776 | Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortianalyzer An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiAnalyzer versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4 and 6.4.0 through 6.4.10 may allow a remote authenticated attacker to read the client machine password in plain text in a heartbeat response when a log-fetch request is made from the FortiAnalyzer | 3.1 |
| 2023-03-01 | CVE-2022-48310 | Cleartext Storage of Sensitive Information vulnerability in Sophos Connect An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90. | 5.5 |