Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2021-10-27 CVE-2021-29786 Cleartext Storage of Sensitive Information vulnerability in IBM products
IBM Jazz Team Server products stores user credentials in clear text which can be read by an authenticated user.
network
low complexity
ibm CWE-312
4.0
2021-10-25 CVE-2021-40527 Cleartext Storage of Sensitive Information vulnerability in Onepeloton Peloton
Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile application up to and including version 1.7.22 allows a remote attacker to access developer files stored in an AWS S3 bucket, by reading credentials stored in plain text within the mobile application.
network
low complexity
onepeloton CWE-312
5.0
2021-10-19 CVE-2021-38911 Cleartext Storage of Sensitive Information vulnerability in IBM Security Risk Manager on Cp4S 1.7.2.0
IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text which can be read by a an authenticatedl privileged user.
network
low complexity
ibm CWE-312
4.0
2021-10-13 CVE-2021-40454 Cleartext Storage of Sensitive Information vulnerability in Microsoft products
Rich Text Edit Control Information Disclosure Vulnerability
local
low complexity
microsoft CWE-312
2.1
2021-10-12 CVE-2021-38915 Cleartext Storage of Sensitive Information vulnerability in IBM Data Risk Manager 2.0.6
IBM Data Risk Manager 2.0.6 stores user credentials in plain clear text which can be read by an authenticated user.
network
low complexity
ibm CWE-312
4.0
2021-09-28 CVE-2021-36165 Cleartext Storage of Sensitive Information vulnerability in Riconmobile S9922L Firmware 16.10.3(3794)
RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of sensitive information and sends username and password as base64.
network
low complexity
riconmobile CWE-312
5.0
2021-09-23 CVE-2021-29904 Cleartext Storage of Sensitive Information vulnerability in IBM Jazz for Service Management 1.1.3.10
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-312
2.1
2021-09-14 CVE-2021-33716 Cleartext Storage of Sensitive Information vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 1543-1 (incl.
low complexity
siemens CWE-312
3.3
2021-09-08 CVE-2020-19137 Cleartext Storage of Sensitive Information vulnerability in Autumn Project Autumn
Incorrect Access Control in Autumn v1.0.4 and earlier allows remote attackers to obtain clear-text login credentials via the component "autumn-cms/user/getAllUser/?page=1&limit=10".
network
low complexity
autumn-project CWE-312
5.0
2021-09-08 CVE-2021-1865 Cleartext Storage of Sensitive Information vulnerability in Apple Ipados and Iphone OS
An issue obscuring passwords in screenshots was addressed with improved logic.
network
apple CWE-312
4.3