CWE-312

Cleartext Storage of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

786 vulnerabilities with CWE-312
CVE-2024-9991 HIGH
Philips lighting devices - Info Disclosure
CVE-2024-8070 HIGH
Firmware <version> - Info Disclosure
CVSS 8.5
CVE-2024-9802 MEDIUM
Linuxfoundation Zowe API Mediation Layer < 2.17.0 - Cleartext Storage
CVSS 5.3
CVE-2024-9798 CRITICAL
Linuxfoundation Zowe API Mediation Layer < 1.28.8 - Cleartext Storage
CVSS 9.0
CVE-2024-9466 MEDIUM
Paloaltonetworks Expedition < 1.2.96 - Log Information Exposure
CVSS 6.5
CVE-2024-6400 HIGH
Finrota Netahsilat <1.24.03 - Info Disclosure
CVSS 7.5
CVE-2024-47529 MEDIUM
OpenC3 COSMOS <5.19.0 - XSS
CVSS 6.5
CVE-2024-20448 MEDIUM
Cisco Nexus Dashboard Fabric Controller - Info Disclosure
CVSS 6.3
CVE-2024-25661 HIGH
Nokia Transcend Network Management System - Cleartext Storage
CVSS 7.7
CVE-2024-25658 MEDIUM
Nokia Transcend Network Management System - Cleartext Storage
CVSS 6.5
CVE-2024-28807 MEDIUM
Nokia Hit 7300 Firmware - Cleartext Storage
CVSS 6.5
CVE-2024-28810 MEDIUM
Nokia Hit 7300 Firmware - Cleartext Storage
CVSS 6.6
CVE-2024-28809 HIGH
Nokia Hit 7300 Firmware - Hard-coded Credentials
CVSS 8.8
CVE-2024-8459 HIGH
PLANET Technology - Info Disclosure
CVSS 7.2
CVE-2024-45744 LOW
TopQuadrant TopBraid EDG <7.1.3 - Info Disclosure
CVSS 3.0
CVE-2024-8644 HIGH
Oceanic Software ValeApp <2.0.0 - JSON Hijacking
CVSS 7.5
CVE-2024-7259 MEDIUM
Ovirt-engine < 4.5.7 - Cleartext Storage
CVSS 4.9
CVE-2024-6785 MEDIUM
Configuration File - Info Disclosure
CVSS 5.5
CVE-2024-9040 LOW
Blood Bank Management System 1.0 - Info Disclosure
CVSS 2.3
CVE-2024-45862 HIGH
Kastle Access Control System Firmware < 2024-05-01 - Cleartext Storage
CVSS 7.5
CVE-2024-31415 MEDIUM
Eaton Foreseer Electrical Power Monit... - Insufficiently Protected Credentials
CVSS 6.3
CVE-2024-41629 MEDIUM
TI Fusion Digital Power Designer - Information Disclosure
CVSS 5.5
CVE-2024-40457 CRITICAL
No-IP DUC v3.x - Info Disclosure
CVSS 9.1
CVE-2024-8689 MEDIUM
Cortex XSOAR/XSIAM - Info Disclosure
CVE-2024-35282 MEDIUM
FortiClient VPN iOS <7.2, <7.0, <6.4, <6.2, <6.0 - Info Disclosure
CVSS 4.2
Details
Vulnerabilities 786
Links
MITRE CWE Entry Search this CWE With Exploits