Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2021-11-02 CVE-2021-42763 Cleartext Storage of Sensitive Information vulnerability in Couchbase Server
Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext.
network
low complexity
couchbase CWE-312
5.0
2021-10-27 CVE-2021-29786 Cleartext Storage of Sensitive Information vulnerability in IBM products
IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user.
network
low complexity
ibm CWE-312
4.0
2021-10-25 CVE-2021-40527 Cleartext Storage of Sensitive Information vulnerability in Onepeloton Peloton
Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile application up to and including version 1.7.22 allows a remote attacker to access developer files stored in an AWS S3 bucket, by reading credentials stored in plain text within the mobile application.
network
low complexity
onepeloton CWE-312
5.0
2021-10-19 CVE-2021-38911 Cleartext Storage of Sensitive Information vulnerability in IBM Security Risk Manager on Cp4S 1.7.2.0
IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by a an authenticatedl privileged user.
network
low complexity
ibm CWE-312
4.0
2021-10-13 CVE-2021-40454 Cleartext Storage of Sensitive Information vulnerability in Microsoft products
Rich Text Edit Control Information Disclosure Vulnerability
local
low complexity
microsoft CWE-312
5.5
2021-10-12 CVE-2021-38915 Cleartext Storage of Sensitive Information vulnerability in IBM Data Risk Manager 2.0.6
IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an authenticated user.
network
low complexity
ibm CWE-312
4.0
2021-09-30 CVE-2021-41302 Cleartext Storage of Sensitive Information vulnerability in Ecoa products
ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the unauthenticated attacker can remotely query user password and obtain user’s privilege.
network
low complexity
ecoa CWE-312
5.0
2021-09-23 CVE-2021-29904 Cleartext Storage of Sensitive Information vulnerability in IBM Jazz for Service Management 1.1.3.10
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-312
2.1
2021-09-14 CVE-2021-38150 Cleartext Storage of Sensitive Information vulnerability in SAP Business Client 7.0/7.70
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials.
network
sap CWE-312
4.3
2021-09-14 CVE-2021-33716 Cleartext Storage of Sensitive Information vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 1543-1 (incl.
low complexity
siemens CWE-312
6.5