Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2019-10-29 CVE-2019-4314 Cleartext Storage of Sensitive Information vulnerability in IBM Security Guardium BIG Data Intelligence 4.0
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
network
low complexity
ibm CWE-312
7.5
2019-10-28 CVE-2019-3636 Cleartext Storage of Sensitive Information vulnerability in Mcafee Total Protection
A File Masquerade vulnerability in McAfee Total Protection (MTP) version 16.0.R21 and earlier in Windows client allowed an attacker to read the plaintext list of AV-Scan exclusion files from the Windows registry, and to possibly replace excluded files with potential malware without being detected.
local
low complexity
mcafee CWE-312
7.8
2019-10-16 CVE-2019-10453 Cleartext Storage of Sensitive Information vulnerability in Jenkins Delphix
Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
local
low complexity
jenkins CWE-312
7.8
2019-10-16 CVE-2019-10452 Cleartext Storage of Sensitive Information vulnerability in Jenkins View26 Test-Reporting
Jenkins View26 Test-Reporting Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-312
4.3
2019-10-16 CVE-2019-10451 Cleartext Storage of Sensitive Information vulnerability in Jenkins Soasta Cloudtest
Jenkins SOASTA CloudTest Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
network
low complexity
jenkins CWE-312
4.3
2019-10-16 CVE-2019-10450 Cleartext Storage of Sensitive Information vulnerability in Jenkins Elasticbox CI
Jenkins ElasticBox CI Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
local
low complexity
jenkins CWE-312
3.3
2019-10-16 CVE-2019-10449 Cleartext Storage of Sensitive Information vulnerability in Jenkins Fortify on Demand
Jenkins Fortify on Demand Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-312
8.8
2019-10-16 CVE-2019-10447 Cleartext Storage of Sensitive Information vulnerability in Jenkins Sofy.Ai 1.0.0/1.0.1/1.0.3
Jenkins Sofy.AI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-312
4.3
2019-10-16 CVE-2019-10443 Cleartext Storage of Sensitive Information vulnerability in Jenkins Icescrum
Jenkins iceScrum Plugin 1.1.4 and earlier stored credentials unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-312
8.8
2019-10-16 CVE-2019-10440 Cleartext Storage of Sensitive Information vulnerability in Jenkins Neoload
Jenkins NeoLoad Plugin 2.2.5 and earlier stored credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-312
8.8