Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2020-03-12 CVE-2020-10532 Cleartext Storage of Sensitive Information vulnerability in Watchguard AD Helper Firmware
The AD Helper component in WatchGuard Fireware before 5.8.5.10317 allows remote attackers to discover cleartext passwords via the /domains/list URI.
network
low complexity
watchguard CWE-312
7.5
2020-03-09 CVE-2020-2154 Cleartext Storage of Sensitive Information vulnerability in Jenkins Zephyr for Jira Test Management
Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system.
local
low complexity
jenkins CWE-312
5.5
2020-02-26 CVE-2019-18238 Cleartext Storage of Sensitive Information vulnerability in Moxa products
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account.
network
low complexity
moxa CWE-312
7.5
2020-02-26 CVE-2020-9407 Cleartext Storage of Sensitive Information vulnerability in Iblsoft Online Weather
IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie.
network
low complexity
iblsoft CWE-312
5.3
2020-02-11 CVE-2020-3935 Cleartext Storage of Sensitive Information vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers.
network
low complexity
secom CWE-312
7.5
2020-02-05 CVE-2013-2680 Cleartext Storage of Sensitive Information vulnerability in Cisco Linksys E4200 Firmware 1.0.05
Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information.
network
low complexity
cisco CWE-312
7.5
2020-02-03 CVE-2020-4224 Cleartext Storage of Sensitive Information vulnerability in IBM Storediq
IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links.
local
low complexity
ibm CWE-312
5.5
2020-01-21 CVE-2020-7213 Cleartext Storage of Sensitive Information vulnerability in Parallels 13
Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks.
network
high complexity
parallels CWE-312
7.5
2020-01-15 CVE-2009-5068 Cleartext Storage of Sensitive Information vulnerability in Simplemachines Simple Machines Forum
There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3.
network
low complexity
simplemachines CWE-312
7.2
2020-01-09 CVE-2010-3282 Cleartext Storage of Sensitive Information vulnerability in multiple products
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log.
local
low complexity
hp redhat fedoraproject CWE-312
3.3