Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-27 | CVE-2022-48071 | Cleartext Storage of Sensitive Information vulnerability in Phicomm K2 Firmware 22.6.534.263 Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. | 7.5 |
| 2023-01-27 | CVE-2022-48073 | Cleartext Storage of Sensitive Information vulnerability in Phicomm K2 Firmware 22.6.534.263 Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext. | 7.5 |
| 2023-01-26 | CVE-2023-24439 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Jira Pipeline Steps 2.0.165.V8846Cf59F3Db Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 5.5 |
| 2023-01-26 | CVE-2023-24442 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Github Pull Request Coverage Status Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 5.5 |
| 2023-01-26 | CVE-2023-24450 | Cleartext Storage of Sensitive Information vulnerability in Jenkins View-Cloner 1.0/1.1 Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. | 6.5 |
| 2023-01-26 | CVE-2023-24454 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Testquality Updater 1.1/1.3 Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 5.5 |
| 2023-01-22 | CVE-2023-24055 | Cleartext Storage of Sensitive Information vulnerability in Keepass KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. | 5.5 |
| 2023-01-17 | CVE-2022-45439 | Cleartext Storage of Sensitive Information vulnerability in Zyxel Ax7501-B0 Firmware 5.17(Abpc.1)C0 A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0 in cleartext. | 6.5 |
| 2023-01-13 | CVE-2022-42284 | Cleartext Storage of Sensitive Information vulnerability in Nvidia BMC NVIDIA BMC stores user passwords in an obfuscated form in a database accessible by the host. | 5.5 |
| 2023-01-09 | CVE-2022-22470 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |