Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2019-07-03 CVE-2019-9823 Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea
In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files.
network
low complexity
jetbrains CWE-312
5.0
2019-06-27 CVE-2019-5810 Cleartext Storage of Sensitive Information vulnerability in Google Chrome
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
network
google CWE-312
4.3
2019-06-05 CVE-2019-11966 Cleartext Storage of Sensitive Information vulnerability in HP Intelligent Management Center
A remote privilege escalation vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
network
low complexity
hp CWE-312
critical
9.0
2019-04-30 CVE-2019-3937 Cleartext Storage of Sensitive Information vulnerability in Crestron Am-100 Firmware and Am-101 Firmware
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf.
local
low complexity
crestron CWE-312
2.1
2019-04-22 CVE-2019-11384 Cleartext Storage of Sensitive Information vulnerability in Zalora 6.15.1
The Zalora application 6.15.1 for Android stores confidential information insecurely on the system (i.e.
network
low complexity
zalora CWE-312
5.0
2019-04-10 CVE-2019-0285 Cleartext Storage of Sensitive Information vulnerability in SAP Crystal Reports 2010
The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker.
network
low complexity
sap CWE-312
5.0
2019-04-10 CVE-2019-3612 Cleartext Storage of Sensitive Information vulnerability in Mcafee Data Exchange Layer and Threat Intelligence Exchange
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.
local
low complexity
mcafee CWE-312
2.1
2019-04-08 CVE-2018-1882 Cleartext Storage of Sensitive Information vulnerability in IBM products
In a certain atypical IBM Spectrum Protect 7.1 and 8.1 configurations, the node password could be displayed in plain text in the IBM Spectrum Protect client trace file.
local
ibm CWE-312
1.9
2019-04-04 CVE-2018-19981 Cleartext Storage of Sensitive Information vulnerability in Amazon AWS Software Development KIT
Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS Temporary Credentials retrieved by AWS Cognito Identity Service.
network
low complexity
amazon CWE-312
critical
9.0
2019-03-26 CVE-2019-3606 Cleartext Storage of Sensitive Information vulnerability in Mcafee Network Security Manager
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands.
local
mcafee CWE-312
1.9