Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-26 | CVE-2019-18238 | Cleartext Storage of Sensitive Information vulnerability in Moxa products In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account. | 7.5 |
| 2020-02-26 | CVE-2020-9407 | Cleartext Storage of Sensitive Information vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie. | 5.3 |
| 2020-02-11 | CVE-2020-3935 | Cleartext Storage of Sensitive Information vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers. | 7.5 |
| 2020-02-05 | CVE-2013-2680 | Cleartext Storage of Sensitive Information vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information. | 7.5 |
| 2020-02-03 | CVE-2020-4224 | Cleartext Storage of Sensitive Information vulnerability in IBM Storediq IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. | 5.5 |
| 2020-01-21 | CVE-2020-7213 | Cleartext Storage of Sensitive Information vulnerability in Parallels 13 Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. | 7.5 |
| 2020-01-15 | CVE-2009-5068 | Cleartext Storage of Sensitive Information vulnerability in Simplemachines Simple Machines Forum There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. | 7.2 |
| 2020-01-09 | CVE-2010-3282 | Cleartext Storage of Sensitive Information vulnerability in multiple products 389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log. | 3.3 |
| 2020-01-08 | CVE-2011-5247 | Cleartext Storage of Sensitive Information vulnerability in Prophecyinternational Snare Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword. | 7.5 |
| 2020-01-05 | CVE-2019-19314 | Cleartext Storage of Sensitive Information vulnerability in Gitlab GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext. | 7.5 |