Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2022-11-23 CVE-2022-45868 Cleartext Storage of Sensitive Information vulnerability in H2Database H2
The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console.
local
low complexity
h2database CWE-312
7.8
2022-11-22 CVE-2022-2513 Cleartext Storage of Sensitive Information vulnerability in Hitachienergy products
A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy’s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files.
local
low complexity
hitachienergy CWE-312
5.5
2022-11-07 CVE-2022-42955 Cleartext Storage of Sensitive Information vulnerability in Passwork 5.0.9
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials.
network
low complexity
passwork CWE-312
7.5
2022-11-07 CVE-2022-42956 Cleartext Storage of Sensitive Information vulnerability in Passwork 5.0.9
The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the cleartext master password.
network
low complexity
passwork CWE-312
7.5
2022-11-03 CVE-2021-39077 Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium
IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user.
local
low complexity
ibm CWE-312
4.4
2022-11-03 CVE-2022-34339 Cleartext Storage of Sensitive Information vulnerability in IBM Cognos Analytics
"IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user credentials in plain clear text which can be read by an authenticated user.
network
low complexity
ibm CWE-312
6.5
2022-11-03 CVE-2022-35279 Cleartext Storage of Sensitive Information vulnerability in IBM Business Automation Workflow
"IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, and 22.0.1 could disclose sensitive version information to authenticated users which could be used in further attacks against the system.
network
low complexity
ibm CWE-312
4.3
2022-10-27 CVE-2022-39364 Cleartext Storage of Sensitive Information vulnerability in Nextcloud Enterprise Server and Nextcloud Server
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform.
network
low complexity
nextcloud CWE-312
6.5
2022-10-25 CVE-2022-39351 Cleartext Storage of Sensitive Information vulnerability in Owasp Dependency-Track
Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
local
low complexity
owasp CWE-312
4.4
2022-10-19 CVE-2022-2805 Cleartext Storage of Sensitive Information vulnerability in Redhat Virtualization 4.0
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style.
network
low complexity
redhat CWE-312
6.5