Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-31 | CVE-2022-45897 | Cleartext Storage of Sensitive Information vulnerability in Xerox Workcentre 3550 Firmware 25.003.03.000 On Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server settings and can obtain the stored cleartext credentials associated with those settings. | 6.5 |
| 2023-01-30 | CVE-2023-22332 | Cleartext Storage of Sensitive Information vulnerability in Pgpool Pgpool-Ii Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4.1 (4.4 series), 4.3.0 to 4.3.4 (4.3 series), 4.2.0 to 4.2.11 (4.2 series), 4.1.0 to 4.1.14 (4.1 series), 4.0.0 to 4.0.21 (4.0 series), All versions of 3.7 series, All versions of 3.6 series, All versions of 3.5 series, All versions of 3.4 series, and All versions of 3.3 series. | 6.5 |
| 2023-01-27 | CVE-2022-48071 | Cleartext Storage of Sensitive Information vulnerability in Phicomm K2 Firmware 22.6.534.263 Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext. | 7.5 |
| 2023-01-27 | CVE-2022-48073 | Cleartext Storage of Sensitive Information vulnerability in Phicomm K2 Firmware 22.6.534.263 Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext. | 7.5 |
| 2023-01-26 | CVE-2023-24439 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Jira Pipeline Steps 2.0.165.V8846Cf59F3Db Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the private keys unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 5.5 |
| 2023-01-26 | CVE-2023-24442 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Github Pull Request Coverage Status Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 5.5 |
| 2023-01-26 | CVE-2023-24450 | Cleartext Storage of Sensitive Information vulnerability in Jenkins View-Cloner 1.0/1.1 Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. | 6.5 |
| 2023-01-26 | CVE-2023-24454 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Testquality Updater 1.1/1.3 Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 5.5 |
| 2023-01-22 | CVE-2023-24055 | Cleartext Storage of Sensitive Information vulnerability in Keepass KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. | 5.5 |
| 2023-01-17 | CVE-2022-45439 | Cleartext Storage of Sensitive Information vulnerability in Zyxel Ax7501-B0 Firmware 5.17(Abpc.1)C0 A pair of spare WiFi credentials is stored in the configuration file of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0 in cleartext. | 6.5 |