CWE-312
AllowedCleartext Storage of Sensitive Information
Abstraction: Base · Status: Draft
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
1017 vulnerabilities reference this CWE, most recent first.
GHSA-47H7-6Q6R-2WP8
Vulnerability from github – Published: 2022-10-13 12:00 – Updated: 2022-10-14 19:00Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. An authenticated non-admin user could potentially exploit this vulnerability and gain access to sensitive information.
{
"affected": [],
"aliases": [
"CVE-2022-33918"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-12T20:15:00Z",
"severity": "MODERATE"
},
"details": "Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. An authenticated non-admin user could potentially exploit this vulnerability and gain access to sensitive information.",
"id": "GHSA-47h7-6q6r-2wp8",
"modified": "2022-10-14T19:00:41Z",
"published": "2022-10-13T12:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33918"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/000203632"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-47MP-V7Q4-XPJW
Vulnerability from github – Published: 2022-01-15 00:01 – Updated: 2022-01-23 00:00A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.
{
"affected": [],
"aliases": [
"CVE-2022-20660"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-14T05:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.",
"id": "GHSA-47mp-v7q4-xpjw",
"modified": "2022-01-23T00:00:33Z",
"published": "2022-01-15T00:01:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20660"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-info-disc-fRdJfOxA"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/165567/Cisco-IP-Phone-Cleartext-Password-Storage.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Jan/34"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-498H-R594-WHXX
Vulnerability from github – Published: 2022-12-23 00:30 – Updated: 2022-12-28 15:30IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007.
{
"affected": [],
"aliases": [
"CVE-2022-22457"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-22T22:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Security Verify Governance, Identity Manager 10.0.1 stores sensitive information including user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 225007.",
"id": "GHSA-498h-r594-whxx",
"modified": "2022-12-28T15:30:46Z",
"published": "2022-12-23T00:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22457"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225007"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6849247"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4CVC-J8GF-MG3G
Vulnerability from github – Published: 2024-07-14 15:30 – Updated: 2024-07-14 15:30IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791.
{
"affected": [],
"aliases": [
"CVE-2024-39732"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-316"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-14T13:15:20Z",
"severity": "MODERATE"
},
"details": "IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791.",
"id": "GHSA-4cvc-j8gf-mg3g",
"modified": "2024-07-14T15:30:57Z",
"published": "2024-07-14T15:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39732"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/295791"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7160185"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4F74-84V3-J9Q5
Vulnerability from github – Published: 2023-09-26 18:55 – Updated: 2024-09-30 20:42Impact
When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities—it already learns the users' passwords as part of the authentication process—it does disrupt the expectation that passwords won't be stored in the database. As a result, these passwords could inadvertently be captured in database backups for a longer duration.
These temporarily stored passwords are automatically erased after a 48-hour window.
Patches
https://github.com/matrix-org/synapse/pull/16272
References
This bug was due to a regression in https://github.com/matrix-org/synapse/pull/13188.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "matrix-synapse"
},
"ranges": [
{
"events": [
{
"introduced": "1.66.0"
},
{
"fixed": "1.93.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-41335"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": true,
"github_reviewed_at": "2023-09-26T18:55:24Z",
"nvd_published_at": "2023-09-27T15:19:30Z",
"severity": "LOW"
},
"details": "### Impact\n\nWhen users update their passwords, the new credentials may be briefly held in the server database. While this doesn\u0027t grant the server any added capabilities\u2014it already learns the users\u0027 passwords as part of the authentication process\u2014it does disrupt the expectation that passwords won\u0027t be stored in the database. As a result, these passwords could inadvertently be captured in database backups for a longer duration.\n\nThese temporarily stored passwords are automatically erased after a 48-hour window.\n\n### Patches\nhttps://github.com/matrix-org/synapse/pull/16272\n\n### References\n\nThis bug was due to a regression in https://github.com/matrix-org/synapse/pull/13188.",
"id": "GHSA-4f74-84v3-j9q5",
"modified": "2024-09-30T20:42:56Z",
"published": "2023-09-26T18:55:24Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-4f74-84v3-j9q5"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41335"
},
{
"type": "WEB",
"url": "https://github.com/matrix-org/synapse/pull/13188"
},
{
"type": "WEB",
"url": "https://github.com/matrix-org/synapse/pull/16272"
},
{
"type": "WEB",
"url": "https://github.com/matrix-org/synapse/commit/69b74d9330e42fc91a9c7423d00a06cd6d3732bf"
},
{
"type": "PACKAGE",
"url": "https://github.com/matrix-org/synapse"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2023-185.yaml"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202401-12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
}
],
"summary": "matrix-synapse vulnerable to temporary storage of plaintext passwords during password changes"
}
GHSA-4GHF-PQ62-2JFH
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-05-24 19:06Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird < 78.8.1.
{
"affected": [],
"aliases": [
"CVE-2021-29950"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-24T14:15:00Z",
"severity": "HIGH"
},
"details": "Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird \u003c 78.8.1.",
"id": "GHSA-4ghf-pq62-2jfh",
"modified": "2022-05-24T19:06:09Z",
"published": "2022-05-24T19:06:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29950"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1673239"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2021-17"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-4GJV-H382-MM78
Vulnerability from github – Published: 2025-11-19 18:31 – Updated: 2025-11-20 18:31An issue was discovered in bridgetech VB288 Objective QoE Content Extractor, firmware version 5.6.0-8, allowing attackers to gain sensitive information such as administrator passwords via the /probe/core/setup/passwd endpoint.
{
"affected": [],
"aliases": [
"CVE-2025-63208"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-19T18:15:48Z",
"severity": "HIGH"
},
"details": "An issue was discovered in bridgetech VB288 Objective QoE Content Extractor, firmware version 5.6.0-8, allowing attackers to gain sensitive information such as administrator passwords via the /probe/core/setup/passwd endpoint.",
"id": "GHSA-4gjv-h382-mm78",
"modified": "2025-11-20T18:31:00Z",
"published": "2025-11-19T18:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-63208"
},
{
"type": "WEB",
"url": "https://bridgetech.tv"
},
{
"type": "WEB",
"url": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63208_bridgetech%20VB288%20Information%20Disclosure"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4J3P-3M7M-JGP4
Vulnerability from github – Published: 2024-06-26 00:31 – Updated: 2024-06-26 00:31A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp.
Detail. When the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line.
{
"affected": [],
"aliases": [
"CVE-2024-29954"
],
"database_specific": {
"cwe_ids": [
"CWE-312",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-26T00:15:10Z",
"severity": "MODERATE"
},
"details": "A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp.\n\nDetail.\nWhen the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line.",
"id": "GHSA-4j3p-3m7m-jgp4",
"modified": "2024-06-26T00:31:43Z",
"published": "2024-06-26T00:31:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29954"
},
{
"type": "WEB",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23226"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4JXF-PJGF-G7FC
Vulnerability from github – Published: 2022-04-26 00:00 – Updated: 2022-05-06 00:01VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords. This allows an attacker in possession of a hash to takeover a user's account, rendering the benefits of storing hashed passwords in the database useless.
{
"affected": [],
"aliases": [
"CVE-2021-36460"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-25T13:15:00Z",
"severity": "HIGH"
},
"details": "VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account\u0027s password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords. This allows an attacker in possession of a hash to takeover a user\u0027s account, rendering the benefits of storing hashed passwords in the database useless.",
"id": "GHSA-4jxf-pjgf-g7fc",
"modified": "2022-05-06T00:01:25Z",
"published": "2022-04-26T00:00:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36460"
},
{
"type": "WEB",
"url": "https://github.com/martinfrancois/CVE-2021-36460"
},
{
"type": "WEB",
"url": "http://veryfitpro.com"
},
{
"type": "WEB",
"url": "http://www.i-doo.cn"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4M98-G8Q6-5R7M
Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2025-04-20 03:49Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to decrypt log files via an exposed key.
{
"affected": [],
"aliases": [
"CVE-2017-13663"
],
"database_specific": {
"cwe_ids": [
"CWE-312"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-01T17:29:00Z",
"severity": "HIGH"
},
"details": "Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to decrypt log files via an exposed key.",
"id": "GHSA-4m98-g8q6-5r7m",
"modified": "2025-04-20T03:49:21Z",
"published": "2022-05-13T01:43:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13663"
},
{
"type": "WEB",
"url": "https://poppopretn.com/2017/11/30/public-disclosure-firmware-vulnerabilities-in-ismartalarm-cubeone"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]
Mitigation
In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.
CAPEC-37: Retrieve Embedded Sensitive Data
An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.