Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2018-07-06 CVE-2018-1621 Cleartext Storage of Sensitive Information vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local attacker to obtain clear text password in a trace file caused by improper handling of some datasource custom properties.
local
low complexity
ibm CWE-312
6.7
2018-05-20 CVE-2018-11242 Cleartext Storage of Sensitive Information vulnerability in Makemytrip 7.2.4
An issue was discovered in the MakeMyTrip application 7.2.4 for Android.
network
low complexity
makemytrip CWE-312
6.5
2018-05-08 CVE-2018-10812 Cleartext Storage of Sensitive Information vulnerability in Bitpie Bitcoin Wallet
The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/shared_prefs/com.bitpie_preferences.xml (on Android) or a plist file in the app data folder (on iOS).
local
high complexity
bitpie CWE-312
4.1
2018-03-25 CVE-2018-8947 Cleartext Storage of Sensitive Information vulnerability in Laravel LOG Viewer Project Laravel LOG Viewer
rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
network
low complexity
laravel-log-viewer-project CWE-312
7.5
2018-02-20 CVE-2017-16835 Cleartext Storage of Sensitive Information vulnerability in Photo,Video Locker-Calculator Project Photo,Video Locker-Calculator 12.0
The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true" in AndroidManifest.xml, which allows attackers to obtain sensitive cleartext information via an "adb backup '-f smart.calculator.gallerylock'" command.
7.5
2018-01-09 CVE-2017-9663 Cleartext Storage of Sensitive Information vulnerability in GM Shanghai Onstar 7.1
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1.
network
low complexity
gm CWE-312
7.5
2017-12-01 CVE-2017-13663 Cleartext Storage of Sensitive Information vulnerability in Ismartalarm Cubeone Firmware
Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to decrypt log files via an exposed key.
network
low complexity
ismartalarm CWE-312
7.5
2017-11-22 CVE-2017-2723 Cleartext Storage of Sensitive Information vulnerability in Huawei Files 7.1.1.308
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords.
local
low complexity
huawei CWE-312
6.7
2017-10-03 CVE-2017-14990 Cleartext Storage of Sensitive Information vulnerability in multiple products
WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).
network
low complexity
wordpress debian CWE-312
6.5
2017-07-19 CVE-2017-1309 Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Master Data Management Server
IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user.
local
low complexity
ibm CWE-312
7.8