Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2022-03-21 CVE-2022-26148 Cleartext Storage of Sensitive Information vulnerability in multiple products
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix.
network
low complexity
grafana redhat CWE-312
critical
9.8
2022-03-16 CVE-2022-23234 Cleartext Storage of Sensitive Information vulnerability in Netapp Snapcenter
SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials.
local
low complexity
netapp CWE-312
5.5
2022-03-10 CVE-2022-26778 Cleartext Storage of Sensitive Information vulnerability in Veritas System Recovery 18.0/21
Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration.
network
low complexity
veritas CWE-312
6.5
2022-03-04 CVE-2021-43590 Cleartext Storage of Sensitive Information vulnerability in Dell Enterprise Storage Analytics 4.0.1/6.2.1
Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a Plain-text password storage vulnerability.
local
low complexity
dell CWE-312
6.0
2022-03-04 CVE-2021-27757 Cleartext Storage of Sensitive Information vulnerability in Hcltech Bigfix Insights 10.0
" Insecure password storage issue.The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information."
network
low complexity
hcltech CWE-312
7.5
2022-03-01 CVE-2021-35036 Cleartext Storage of Sensitive Information vulnerability in Zyxel products
A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50(ABTL.0)b2k could allow an authenticated attacker to obtain sensitive information from the configuration file.
network
low complexity
zyxel CWE-312
6.5
2022-02-24 CVE-2020-14480 Cleartext Storage of Sensitive Information vulnerability in Rockwellautomation Factorytalk View 10.0
Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials.
local
low complexity
rockwellautomation CWE-312
5.5
2022-02-16 CVE-2021-3551 Cleartext Storage of Sensitive Information vulnerability in multiple products
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file.
7.8
2022-02-02 CVE-2021-42642 Cleartext Storage of Sensitive Information vulnerability in Printerlogic web Stack 19.1.1.13
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.
network
low complexity
printerlogic CWE-312
7.5
2022-01-25 CVE-2022-22789 Cleartext Storage of Sensitive Information vulnerability in Charactell Formstorm 9.00.065
Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and update) passwords file for all the users.
local
low complexity
charactell CWE-312
7.8