Filtered by CWE-256
Total 104 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-3483 1 Cisco 1 Duo Network Gateway 2024-11-13 7.1 High
Duo has identified and fixed an issue with the Duo Network Gateway (DNG) product in which some customer-provided SSL certificates and private keys were not excluded from logging. This issue resulted in certificate and private key information being written out in plain-text to local files on the DNG host. Any private keys logged in this way could be viewed by those with access to the DNG host operating system without any need for reversing encrypted values or similar techniques. An attacker that gained access to the DNG logs and with the ability to intercept and manipulate network traffic between a user and the DNG, could decrypt and manipulate SSL/TLS connections to the DNG and to the protected applications behind it. Duo Network Gateway (DNG) versions 1.3.3 through 1.5.7 are affected.
CVE-2020-26079 1 Cisco 1 Iot Field Network Director 2024-11-13 4.9 Medium
A vulnerability in the web UI of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to obtain hashes of user passwords on an affected device. The vulnerability is due to insufficient protection of user credentials. An attacker could exploit this vulnerability by logging in as an administrative user and crafting a call for user information. A successful exploit could allow the attacker to obtain hashes of user passwords on an affected device.
CVE-2021-1126 1 Cisco 1 Firepower Management Center 2024-11-12 5.5 Medium
A vulnerability in the storage of proxy server credentials of Cisco Firepower Management Center (FMC) could allow an authenticated, local attacker to view credentials for a configured proxy server. The vulnerability is due to clear-text storage and weak permissions of related configuration files. An attacker could exploit this vulnerability by accessing the CLI of the affected software and viewing the contents of the affected files. A successful exploit could allow the attacker to view the credentials that are used to access the proxy server.
CVE-2024-40116 1 Solar-log 1 Solar-log 1000 Firmware 2024-11-11 N/A
An issue in Solar-Log 1000 before v2.8.2 and build 52-23.04.2013 was discovered to store plaintext passwords in the export.html, email.html, and sms.html files -- fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base.
CVE-2021-1589 1 Cisco 1 Sd-wan 2024-11-07 6.5 Medium
A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. This vulnerability exists because access to API endpoints is not properly restricted. An attacker could exploit this vulnerability by sending a request to an API endpoint. A successful exploit could allow the attacker to gain unauthorized access to administrative credentials that could be used in further attacks.
CVE-2024-49370 1 Pimcore 1 Pimcore 2024-11-06 4.9 Medium
Pimcore is an open source data and experience management platform. When a PortalUserObject is connected to a PimcoreUser and "Use Pimcore Backend Password" is set to true, the change password function in Portal Profile sets the new password. Prior to Pimcore portal engine versions 4.1.7 and 3.1.16, the password is then set without hashing so it can be read by everyone. Everyone who combines PortalUser to PimcoreUsers and change passwords via profile settings could be affected. Versions 4.1.7 and 3.1.16 of the Pimcore portal engine fix the issue.
CVE-2024-39459 2024-11-01 4.3 Medium
In rare cases Jenkins Plain Credentials Plugin 182.v468b_97b_9dcb_8 and earlier stores secret file credentials unencrypted (only Base64 encoded) on the Jenkins controller file system, where they can be viewed by users with access to the Jenkins controller file system (global credentials) or with Item/Extended Read permission (folder-scoped credentials).
CVE-2023-3395 1 Ovarro 10 Tbox Lt2, Tbox Lt2 Firmware, Tbox Ms-cpu32 and 7 more 2024-10-24 6.5 Medium
​All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access to system files could open a file to load the document into memory, including sensitive information associated with document, such as password. The attacker could then obtain the plaintext password by using a memory viewer.
CVE-2023-35765 1 Piigab 2 M-bus 900s, M-bus 900s Firmware 2024-10-24 6.5 Medium
PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user to gain admin credentials.
CVE-2023-35067 1 Infodrom 1 E-invoice Approval System 2024-10-23 7.5 High
Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable.This issue affects E-Invoice Approval System: before v.20230701.
CVE-2023-26204 1 Fortinet 1 Fortisiem 2024-10-22 3.6 Low
A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.
CVE-2024-20489 1 Cisco 1 Ios Xr 2024-10-03 8.4 High
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials.
CVE-2024-42496 2024-09-30 N/A
Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may retrieve the credential information and spoof the device to access the related external service.
CVE-2024-3082 1 Proges 3 Sensor Net Connect, Sensor Net Connect Firmware V2, Sensor Net Connect V2 2024-09-30 4.2 Medium
A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers (e.g., full-disk encryption) have been enabled.
CVE-2024-31899 1 Ibm 1 Cognos Command Center 2024-09-30 4.3 Medium
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device.
CVE-2023-39227 1 Softneta 1 Meddream Pacs 2024-09-25 6.1 Medium
​Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could be abused by attackers to leak legitimate user’s credentials.
CVE-2023-4918 1 Redhat 2 Keycloak, Red Hat Single Sign On 2024-09-25 8.8 High
A flaw was found in the Keycloak package, more specifically org.keycloak.userprofile. When a user registers itself through registration flow, the "password" and "password-confirm" field from the form will occur as regular user attributes. All users and clients with proper rights and roles are able to read users attributes, allowing a malicious user with minimal access to retrieve the users passwords in clear text, jeopardizing their environment.
CVE-2024-44815 2 Hathway, Skyworthdigital 3 Skyworth Cm5100-511, Skyworth Cm5100-511 Firmware, Cm5100 Firmware 2024-09-25 8 High
Vulnerability in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to obtain user credentials via SPI flash Firmware W25Q64JV.
CVE-2024-5960 2 Eliz Software, Elizsoftware 2 Panel, Panel 2024-09-25 9.8 Critical
Plaintext Storage of a Password vulnerability in Eliz Software Panel allows : Use of Known Domain Credentials.This issue affects Panel: before v2.3.24.
CVE-2023-39452 1 Socomec 2 Modulys Gp, Modulys Gp Firmware 2024-09-25 7.5 High
The web application that owns the device clearly stores the credentials within the user management section. Obtaining this information can be done remotely due to the incorrect management of the sessions in the web application.