Vulnerabilities > Insecure Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2021-01-12 CVE-2020-4673 Insecure Storage of Sensitive Information vulnerability in IBM Workload Automation 9.5
IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in further attacks against the system.
network
low complexity
ibm CWE-922
4.3
2020-12-24 CVE-2020-9202 Insecure Storage of Sensitive Information vulnerability in Huawei TE Mobile V600R006C10/V600R006C10Spc100
There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100.
local
low complexity
huawei CWE-922
4.4
2020-12-18 CVE-2020-26176 Insecure Storage of Sensitive Information vulnerability in Tangro Business Workflow 1.17.5
An issue was discovered in tangro Business Workflow before 1.18.1.
network
low complexity
tangro CWE-922
4.3
2020-12-16 CVE-2020-4906 Insecure Storage of Sensitive Information vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2020-11-16 CVE-2019-19561 Insecure Storage of Sensitive Information vulnerability in Harman Hermes 1.5
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information.
low complexity
harman CWE-922
2.4
2020-11-16 CVE-2019-19557 Insecure Storage of Sensitive Information vulnerability in Harman Hermes 1.0
A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information.
low complexity
harman CWE-922
2.4
2020-11-13 CVE-2020-4886 Insecure Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system.
local
low complexity
ibm CWE-922
3.3
2020-11-09 CVE-2020-4650 Insecure Storage of Sensitive Information vulnerability in IBM Maximo Spatial Asset Management
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2020-10-27 CVE-2019-8790 Insecure Storage of Sensitive Information vulnerability in Apple Swift
This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0.
local
low complexity
apple CWE-922
5.5
2020-10-19 CVE-2020-13937 Insecure Storage of Sensitive Information vulnerability in Apache Kylin
Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha has one restful api which exposed Kylin's configuration information without any authentication, so it is dangerous because some confidential information entries will be disclosed to everyone.
network
low complexity
apache CWE-922
5.3