Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-30 | CVE-2020-5723 | Cleartext Storage of Sensitive Information vulnerability in Grandstream products The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. | 5.0 |
| 2020-03-16 | CVE-2020-6980 | Cleartext Storage of Sensitive Information vulnerability in Rockwellautomation products Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim’s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext. | 2.1 |
| 2020-03-12 | CVE-2020-10532 | Cleartext Storage of Sensitive Information vulnerability in Watchguard AD Helper Firmware The AD Helper component in WatchGuard Fireware before 5.8.5.10317 allows remote attackers to discover cleartext passwords via the /domains/list URI. | 5.0 |
| 2020-03-09 | CVE-2020-2154 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Zephyr for Jira Test Management Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system. | 5.5 |
| 2020-03-05 | CVE-2019-14886 | Cleartext Storage of Sensitive Information vulnerability in Redhat Decision Manager and Process Automation Manager A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context. | 6.5 |
| 2020-02-26 | CVE-2019-18238 | Cleartext Storage of Sensitive Information vulnerability in Moxa products In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account. | 5.0 |
| 2020-02-26 | CVE-2020-9407 | Cleartext Storage of Sensitive Information vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie. | 5.3 |
| 2020-02-11 | CVE-2020-3935 | Cleartext Storage of Sensitive Information vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers. | 5.0 |
| 2020-02-05 | CVE-2013-2680 | Cleartext Storage of Sensitive Information vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information. | 5.0 |
| 2020-01-21 | CVE-2020-7213 | Cleartext Storage of Sensitive Information vulnerability in Parallels 13 Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. | 7.6 |