CWE-312

Cleartext Storage of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

805 vulnerabilities with CWE-312
CVE-2018-9065 HIGH
Lenovo xClarity Administrator < 2.1.0 - Cleartext Storage of Sensitive Credentials
CVSS 7.5
CVE-2018-10871 LOW
389 Directory Server < 1.3.8.5 - Cleartext Storage of Sensitive Information in Replica and RetroChangeLog Plugins
CVSS 3.8
CVE-2018-1621 MEDIUM
IBM WebSphere Application Server - Info Disclosure
CVSS 4.4
CVE-2018-11242 MEDIUM
MakeMyTrip 7.2.4 - Cleartext Storage of Sensitive Information in Local Databases
CVSS 6.5
CVE-2018-10812 MEDIUM
Bitpie Bitcoin Wallet < 3.2.4 - Cleartext Storage of Sensitive Information
CVSS 4.1
CVE-2018-8947 HIGH
rap2hpoutre Laravel Log Viewer < 0.13.0 - Cleartext Storage of Sensitive Information via Base64 Encoding
CVSS 7.5
CVE-2018-0089 HIGH
Cisco Policy Suite - Unauthenticated Sensitive Data Exposure via Internal VLAN Access
CVSS 7.5
CVE-2017-20040 MEDIUM
SICUNET Access Controller <0.32-05z - Weak Encryption
CVSS 5.9
CVE-2017-2672 MEDIUM
Foreman < 1.15 - Unprotected Credential Exposure in Image Provisioning Logs
CVSS 6.5
CVE-2017-9654 HIGH
Philips DoseWise Portal <2.1.1.3069 - Info Disclosure
CVSS 8.8
CVE-2017-5250 CRITICAL
Insteon for Hub <1.9.7 - Info Disclosure
CVSS 9.8
CVE-2017-5249 CRITICAL
Wink Labs' Wink <6.1.0.19 - Info Disclosure
CVSS 9.8
CVE-2017-16835 HIGH
Photo,Video Locker-Calculator 12.0 - Info Disclosure
CVSS 7.5
CVE-2017-9663 HIGH
GM Shanghai OnStar iOS Client 7.1 - Cleartext Storage of Sensitive Information
CVSS 7.5
CVE-2017-13663 HIGH
iSmartAlarm CubeOne Firmware < 2.2.4.8 - Cleartext Storage of Sensitive Encryption Key
CVSS 7.5
CVE-2017-2723 MEDIUM
Huawei Files < 7.1.1.308 - Cleartext Storage of Sensitive Information
CVSS 6.7
CVE-2017-14990 MEDIUM
WordPress 4.8.2 - Cleartext Storage of Sensitive Information in wp_signups.activation_key
CVSS 6.5
CVE-2017-1309 HIGH
IBM InfoSphere Master Data Mgmt <11.7 - Info Disclosure
CVSS 7.8
CVE-2017-3214 HIGH
Milwaukee ONE-KEY - Cleartext Storage of Sensitive Information in APK Binary
CVSS 7.5
CVE-2016-3192 MEDIUM
Cloudera Manager 5.0.0-5.5.4 - Cleartext Storage of Sensitive Information
CVSS 6.5
CVE-2016-8366 HIGH
Phoenix Contact ILC PLC - Info Disclosure
CVSS 7.3
CVE-2016-0876 HIGH
Moxa Secure Router EDR-G903 <3.4.12 - Info Disclosure
CVSS 7.5
CVE-2015-8314 HIGH
Devise < 3.5.4 - Cleartext Storage of Sensitive Information in Remember Me Cookies
CVSS 7.5
CVE-2015-1931 MEDIUM
IBM Java SDK 5.0.0.0-5.0.16.12 - Cleartext Storage of Sensitive Information in Memory Dumps
CVSS 5.5
CVE-2015-1012 HIGH
Hospira LifeCare PCA Infusion System <5 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 805
Links
MITRE CWE Entry Search this CWE With Exploits