Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-09 | CVE-2020-26816 | Cleartext Storage of Sensitive Information vulnerability in SAP Netweaver Application Server Java SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. | 4.5 |
| 2020-11-18 | CVE-2020-28917 | Cleartext Storage of Sensitive Information vulnerability in View Frontend Statistics Project View Frontend Statistics An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2.0.1 for TYPO3. | 6.5 |
| 2020-11-17 | CVE-2020-26551 | Cleartext Storage of Sensitive Information vulnerability in Aviatrix Controller 5.3.1516 An issue was discovered in Aviatrix Controller before R5.3.1151. | 7.5 |
| 2020-11-09 | CVE-2020-8276 | Cleartext Storage of Sensitive Information vulnerability in Brave The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1.18.35 logged the timestamp of when the user last opened an incognito window, including Tor windows. | 5.5 |
| 2020-10-28 | CVE-2020-27986 | Cleartext Storage of Sensitive Information vulnerability in Sonarsource Sonarqube 8.4.2.36762 SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. | 7.5 |
| 2020-10-21 | CVE-2020-27613 | Cleartext Storage of Sensitive Information vulnerability in Bigbluebutton The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access. | 8.4 |
| 2020-10-21 | CVE-2020-6648 | Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortios and Fortiproxy A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command. | 6.5 |
| 2020-09-22 | CVE-2020-4619 | Cleartext Storage of Sensitive Information vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 stores user credentials in plain in clear text which can be read by an authenticated user. | 6.5 |
| 2020-09-18 | CVE-2020-8225 | Cleartext Storage of Sensitive Information vulnerability in Nextcloud Desktop A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials. | 7.5 |
| 2020-09-16 | CVE-2020-2274 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Elastest Jenkins ElasTest Plugin 1.2.1 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 5.5 |