Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-44159 Cleartext Storage of Sensitive Information vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure due to cleartext storage of sensitive information.
network
low complexity
acronis CWE-312
7.5
2023-09-27 CVE-2023-2358 Cleartext Storage of Sensitive Information vulnerability in Hitachivantara Pentaho Business Analytics
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4, including 8.3.x.x, saves passwords of the Hadoop Copy Files step in plaintext. 
network
low complexity
hitachivantara CWE-312
4.9
2023-09-13 CVE-2023-40715 Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortitester
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device.
local
low complexity
fortinet CWE-312
5.5
2023-09-13 CVE-2023-4400 Cleartext Storage of Sensitive Information vulnerability in Skyhighsecurity Secure web Gateway 10.0.0/11.0.0/12.0.0
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API.
network
low complexity
skyhighsecurity CWE-312
6.5
2023-09-11 CVE-2023-31069 Cleartext Storage of Sensitive Information vulnerability in Tsplus Remote Access 16.0.0.0
An issue was discovered in TSplus Remote Access through 16.0.2.14.
network
low complexity
tsplus CWE-312
critical
9.8
2023-09-01 CVE-2023-3950 Cleartext Storage of Sensitive Information vulnerability in Gitlab
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured.
network
low complexity
gitlab CWE-312
3.8
2023-08-31 CVE-2023-31423 Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav
Possible information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Brocade SANnav before v2.3.0 and 2.2.2a.
local
low complexity
broadcom CWE-312
5.5
2023-08-31 CVE-2023-31925 Cleartext Storage of Sensitive Information vulnerability in Broadcom Brocade Sannav
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext.
network
low complexity
broadcom CWE-312
6.5
2023-08-31 CVE-2023-3489 Cleartext Storage of Sensitive Information vulnerability in Broadcom Fabric Operating System 9.2.0
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS.
network
low complexity
broadcom CWE-312
7.5
2023-08-14 CVE-2023-40354 Cleartext Storage of Sensitive Information vulnerability in Mariadb Maxscale
An issue was discovered in MariaDB MaxScale before 23.02.3.
network
low complexity
mariadb CWE-312
6.5