Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-14 | CVE-2023-44037 | Cleartext Storage of Sensitive Information vulnerability in Zpesystems Nodegrid OS An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows a remote attacker to obtain sensitive information via the TACACS+ server component. | 7.5 |
| 2023-10-10 | CVE-2023-41964 | Cleartext Storage of Sensitive Information vulnerability in F5 products The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 6.5 |
| 2023-10-04 | CVE-2023-2809 | Cleartext Storage of Sensitive Information vulnerability in Sage 200 Spain 2023.38.001 Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation of which could allow a remote attacker to extract SQL database credentials from the DLL application. | 9.8 |
| 2023-09-27 | CVE-2023-4066 | Cleartext Storage of Sensitive Information vulnerability in Redhat products A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker. | 5.5 |
| 2023-09-27 | CVE-2023-41335 | Cleartext Storage of Sensitive Information vulnerability in multiple products Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. | 3.7 |
| 2023-09-27 | CVE-2023-44153 | Cleartext Storage of Sensitive Information vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to cleartext storage of sensitive information in memory. | 7.5 |
| 2023-09-27 | CVE-2023-44159 | Cleartext Storage of Sensitive Information vulnerability in Acronis Cyber Protect 15 Sensitive information disclosure due to cleartext storage of sensitive information. | 7.5 |
| 2023-09-27 | CVE-2023-2358 | Cleartext Storage of Sensitive Information vulnerability in Hitachivantara Pentaho Business Analytics Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4, including 8.3.x.x, saves passwords of the Hadoop Copy Files step in plaintext. | 4.9 |
| 2023-09-13 | CVE-2023-40715 | Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortitester A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device. | 5.5 |
| 2023-09-13 | CVE-2023-4400 | Cleartext Storage of Sensitive Information vulnerability in Skyhighsecurity Secure web Gateway 10.0.0/11.0.0/12.0.0 A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. | 6.5 |