Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-09 | CVE-2020-2154 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Zephyr for Jira Test Management Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system. | 5.5 |
| 2020-03-05 | CVE-2019-14886 | Cleartext Storage of Sensitive Information vulnerability in Redhat Decision Manager and Process Automation Manager A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context. | 6.5 |
| 2020-02-26 | CVE-2019-18238 | Cleartext Storage of Sensitive Information vulnerability in Moxa products In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account. | 7.5 |
| 2020-02-26 | CVE-2020-9407 | Cleartext Storage of Sensitive Information vulnerability in Iblsoft Online Weather IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie. | 5.3 |
| 2020-02-11 | CVE-2020-3935 | Cleartext Storage of Sensitive Information vulnerability in Secom Dr.Id Access Control and Dr.Id Attendance System TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers. | 7.5 |
| 2020-02-05 | CVE-2013-2680 | Cleartext Storage of Sensitive Information vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information. | 7.5 |
| 2020-02-03 | CVE-2020-4224 | Cleartext Storage of Sensitive Information vulnerability in IBM Storediq IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. | 5.5 |
| 2020-01-21 | CVE-2020-7213 | Cleartext Storage of Sensitive Information vulnerability in Parallels 13 Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. | 7.5 |
| 2020-01-15 | CVE-2009-5068 | Cleartext Storage of Sensitive Information vulnerability in Simplemachines Simple Machines Forum There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. | 7.2 |
| 2020-01-09 | CVE-2010-3282 | Cleartext Storage of Sensitive Information vulnerability in multiple products 389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log. | 3.3 |