Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2022-11-25 CVE-2022-25164 Cleartext Storage of Sensitive Information vulnerability in Mitsubishielectric GX Works3 and MX OPC UA Module Configurator-R
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information.
network
low complexity
mitsubishielectric CWE-312
7.5
2022-11-25 CVE-2022-29826 Cleartext Storage of Sensitive Information vulnerability in Mitsubishielectric GX Works3
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.087R and Motion Control Setting(GX Works3 related software) versions from 1.000A to 1.042U allows a remote unauthenticated attacker to disclose sensitive information.
network
low complexity
mitsubishielectric CWE-312
7.5
2022-11-25 CVE-2022-29832 Cleartext Storage of Sensitive Information vulnerability in Mitsubishielectric GX Works3
Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated attacker to disclose sensitive information.
network
low complexity
mitsubishielectric CWE-312
6.5
2022-11-23 CVE-2022-45868 Cleartext Storage of Sensitive Information vulnerability in H2Database H2
The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console.
local
low complexity
h2database CWE-312
7.8
2022-11-22 CVE-2022-2513 Cleartext Storage of Sensitive Information vulnerability in Hitachienergy products
A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy’s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files.
local
low complexity
hitachienergy CWE-312
5.5
2022-11-07 CVE-2022-42955 Cleartext Storage of Sensitive Information vulnerability in Passwork 5.0.9
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials.
network
low complexity
passwork CWE-312
7.5
2022-11-07 CVE-2022-42956 Cleartext Storage of Sensitive Information vulnerability in Passwork 5.0.9
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the cleartext master password.
network
low complexity
passwork CWE-312
7.5
2022-11-03 CVE-2021-39077 Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium
IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user.
local
low complexity
ibm CWE-312
4.4
2022-11-03 CVE-2022-34339 Cleartext Storage of Sensitive Information vulnerability in IBM Cognos Analytics
"IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user credentials in plain clear text which can be read by an authenticated user.
network
low complexity
ibm CWE-312
6.5
2022-11-03 CVE-2022-35279 Cleartext Storage of Sensitive Information vulnerability in IBM Business Automation Workflow
"IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, and 22.0.1 could disclose sensitive version information to authenticated users which could be used in further attacks against the system.
network
low complexity
ibm CWE-312
4.3