Vulnerabilities > Cleartext Storage of Sensitive Information
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-23 | CVE-2022-45868 | Cleartext Storage of Sensitive Information vulnerability in H2Database H2 The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. | 7.8 |
2022-11-22 | CVE-2022-2513 | Cleartext Storage of Sensitive Information vulnerability in Hitachienergy products A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy’s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database and logs files. | 5.5 |
2022-11-07 | CVE-2022-42955 | Cleartext Storage of Sensitive Information vulnerability in Passwork 5.0.9 The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials. | 7.5 |
2022-11-07 | CVE-2022-42956 | Cleartext Storage of Sensitive Information vulnerability in Passwork 5.0.9 The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the cleartext master password. | 7.5 |
2022-11-03 | CVE-2021-39077 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. | 4.4 |
2022-11-03 | CVE-2022-34339 | Cleartext Storage of Sensitive Information vulnerability in IBM Cognos Analytics "IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user credentials in plain clear text which can be read by an authenticated user. | 6.5 |
2022-11-03 | CVE-2022-35279 | Cleartext Storage of Sensitive Information vulnerability in IBM Business Automation Workflow "IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, and 22.0.1 could disclose sensitive version information to authenticated users which could be used in further attacks against the system. | 4.3 |
2022-10-27 | CVE-2022-39364 | Cleartext Storage of Sensitive Information vulnerability in Nextcloud Enterprise Server and Nextcloud Server Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. | 6.5 |
2022-10-25 | CVE-2022-39351 | Cleartext Storage of Sensitive Information vulnerability in Owasp Dependency-Track Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. | 4.4 |
2022-10-19 | CVE-2022-2805 | Cleartext Storage of Sensitive Information vulnerability in Redhat Virtualization 4.0 A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. | 6.5 |