Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-18984

Summary
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At-14 Dec, 2018 | 15:00
Updated At-22 May, 2025 | 16:40
Rejected At-
Credits

Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers Missing Encryption of Sensitive Data

Medtronic CareLink and Encore Programmers do not encrypt or do not sufficiently encrypt sensitive PII and PHI information while at rest .

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:icscert
Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At:14 Dec, 2018 | 15:00
Updated At:22 May, 2025 | 16:40
Rejected At:
▼CVE Numbering Authority (CNA)
Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers Missing Encryption of Sensitive Data

Medtronic CareLink and Encore Programmers do not encrypt or do not sufficiently encrypt sensitive PII and PHI information while at rest .

Affected Products
Vendor
Medtronic
Product
CareLink 9790 Programmer
Default Status
unaffected
Versions
Affected
  • All versions
Vendor
Medtronic
Product
CareLink 2090 Programmer
Default Status
unaffected
Versions
Affected
  • All versions
Vendor
Medtronic
Product
29901 Encore Programmer
Default Status
unaffected
Versions
Affected
  • All versions
Problem Types
TypeCWE IDDescription
CWECWE-311CWE-311 Missing Encryption of Sensitive Data
Type: CWE
CWE ID: CWE-311
Description: CWE-311 Missing Encryption of Sensitive Data
Metrics
VersionBase scoreBase severityVector
3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds

The CareLink 9790 Programmer has been placed into end-of-life status and is no longer supported by Medtronic. Medtronic recommends users no longer use the 9790 for any purpose. The CareLink 2090 and 29901 Encore programmers store PHI and PII as part of their normal operating procedure. Medtronic recommends that when devices are storing PHI/PII it should be retained on these programmers for the least amount of time necessary, and should be handled, managed and secured in a manner consistent with the applicable laws for patient data privacy. Please contact a Medtronic representative for proper disposal and PHI/PII retention setting instructions. All affected programmers allow for the manual deletion of programmer-generated reports, which could contain PHI/PII. Medtronic recommends users delete these reports when no longer needed and prior to any disposition of the programmer. Medtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, hospitals and clinicians should: * Maintain strict physical control of the programmer. * Use only legitimately obtained programmers and not ones provided by any third party. Proper disposal of these programmers and the associated electronic media storing data is critical for the continued protection of any PHI and PII residing on the programmer. Medtronic has released a security bulletin related to this advisory that is available, with contact information, at the following location: https://www.medtronic.com/security

Exploits
Credits
finder
Researchers Billy Rios and Jonathan Butts of Whitescope LLC reported this vulnerability
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://global.medtronic.com/xg-en/product-security/security-bulletins/carelink-9790-2090-29901.html
N/A
https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01
N/A
http://www.securityfocus.com/bid/106215
vdb-entry
Hyperlink: https://global.medtronic.com/xg-en/product-security/security-bulletins/carelink-9790-2090-29901.html
Resource: N/A
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/106215
Resource:
vdb-entry
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/106215
vdb-entry
x_refsource_BID
x_transferred
https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/bid/106215
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ics-cert@hq.dhs.gov
Published At:14 Dec, 2018 | 15:29
Updated At:22 May, 2025 | 17:15

Medtronic CareLink and Encore Programmers do not encrypt or do not sufficiently encrypt sensitive PII and PHI information while at rest .

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
medtronic
medtronic
>>carelink_2090_programmer_firmware>>*
cpe:2.3:o:medtronic:carelink_2090_programmer_firmware:*:*:*:*:*:*:*:*
medtronic
medtronic
>>carelink_2090_programmer>>-
cpe:2.3:h:medtronic:carelink_2090_programmer:-:*:*:*:*:*:*:*
medtronic
medtronic
>>carelink_9790_programmer_firmware>>*
cpe:2.3:o:medtronic:carelink_9790_programmer_firmware:*:*:*:*:*:*:*:*
medtronic
medtronic
>>carelink_9790_programmer>>-
cpe:2.3:h:medtronic:carelink_9790_programmer:-:*:*:*:*:*:*:*
medtronic
medtronic
>>29901_encore_programmer_firmware>>*
cpe:2.3:o:medtronic:29901_encore_programmer_firmware:*:*:*:*:*:*:*:*
medtronic
medtronic
>>29901_encore_programmer>>-
cpe:2.3:h:medtronic:29901_encore_programmer:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-311Secondaryics-cert@hq.dhs.gov
CWE-312Primarynvd@nist.gov
CWE ID: CWE-311
Type: Secondary
Source: ics-cert@hq.dhs.gov
CWE ID: CWE-312
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/106215ics-cert@hq.dhs.gov
Third Party Advisory
VDB Entry
https://global.medtronic.com/xg-en/product-security/security-bulletins/carelink-9790-2090-29901.htmlics-cert@hq.dhs.gov
N/A
https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01ics-cert@hq.dhs.gov
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/106215af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/bid/106215
Source: ics-cert@hq.dhs.gov
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://global.medtronic.com/xg-en/product-security/security-bulletins/carelink-9790-2090-29901.html
Source: ics-cert@hq.dhs.gov
Resource: N/A
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01
Source: ics-cert@hq.dhs.gov
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/bid/106215
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

128Records found
CVE-2018-16498
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.88%
||
7 Day CHG~0.00%
Published-26 May, 2021 | 18:45
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores.

Action-Not Available
Vendor-n/aVersa Networks, Inc.
Product-versa_directorVersa Director
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2022-20660
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 22.13%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 05:01
Updated-06 Nov, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IP Phones Information Disclosure Vulnerability

A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_ip_phone_7945g_firmwareunified_ip_phone_7945gip_phone_8841ip_phone_8861ip_conference_phone_8832ip_phone_8845_firmwareip_phone_7841unified_sip_phone_3905_firmwareip_phone_7811_firmwareunified_sip_phone_3905ip_phone_8811wireless_ip_phone_8821-ex_firmwareunified_ip_conference_phone_8831_for_third-party_call_control_firmwareunified_ip_conference_phone_8831_for_third-party_call_controlunified_ip_phone_7965gip_phone_8811_firmwareip_conference_phone_8832_firmwareip_phone_7861_firmwareip_phone_8845unified_ip_conference_phone_8831ip_phone_8851_firmwareunified_ip_phone_7965g_firmwareip_phone_7821_firmwareip_phone_8841_firmwareip_phone_8865_firmwareip_conference_phone_7832ip_phone_8865unified_ip_phone_7975gip_phone_7841_firmwareunified_ip_conference_phone_8831_firmwarewireless_ip_phone_8821-exip_conference_phone_7832_firmwareip_phone_7811ip_phone_7861ip_phone_8851ip_phone_8861_firmwarewireless_ip_phone_8821ip_phone_7821wireless_ip_phone_8821_firmwareunified_ip_phone_7975g_firmwareCisco Session Initiation Protocol (SIP) Software
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2022-0183
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 2.52%
||
7 Day CHG~0.00%
Published-17 Jan, 2022 | 09:10
Updated-02 Aug, 2024 | 23:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords.

Action-Not Available
Vendor-kingjimKING JIM CO.,LTD.
Product-mirupass_pw20_firmwaremirupass_pw10_firmwaremirupass_pw10mirupass_pw20MIRUPASS
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2018-12572
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.17%
||
7 Day CHG~0.00%
Published-17 Mar, 2019 | 18:20
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.

Action-Not Available
Vendor-avastn/a
Product-free_antivirusn/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2017-8769
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 4.20%
||
7 Day CHG~0.00%
Published-18 May, 2017 | 06:13
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for cleartext storage of files (Audio, Documents, Images, Video, and Voice Notes) associated with a chat, even after that chat is deleted. There may be users who expect file deletion to occur upon chat deletion, or who expect encryption (consistent with the application's use of an encrypted database to store chat text). NOTE: the vendor reportedly indicates that they do not "consider these to be security issues" because a user may legitimately want to preserve any file for use "in other apps like the Google Photos gallery" regardless of whether its associated chat is deleted

Action-Not Available
Vendor-n/aWhatsApp LLC
Product-whatsappn/a
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2021-40454
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.14% / 35.38%
||
7 Day CHG~0.00%
Published-13 Oct, 2021 | 00:26
Updated-04 Aug, 2024 | 02:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rich Text Edit Control Information Disclosure Vulnerability

Rich Text Edit Control Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_server_2016windows_server_2012windows_8.1officewindows_rt_8.1windows_11windows_10windows_server_2022windows_server_2019365_appsWindows Server 2022Windows 10 Version 1607Windows Server version 2004Windows 10 Version 21H1Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows 8.1Windows Server 2012 (Server Core installation)Windows Server version 20H2Windows 10 Version 1909Microsoft Office 2019Windows 10 Version 20H2Windows Server 2016Windows 10 Version 2004Microsoft 365 Apps for EnterpriseWindows 10 Version 1507Microsoft Office 2016Windows Server 2012 R2Microsoft Office LTSC for Mac 2021Microsoft Office LTSC 2021Windows Server 2012Windows Server 2019Microsoft Office 2013 Service Pack 1Windows Server 2012 R2 (Server Core installation)Microsoft Office 2019 for Mac
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-38949
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.05% / 16.54%
||
7 Day CHG~0.00%
Published-16 Nov, 2021 | 16:55
Updated-17 Sep, 2024 | 00:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 211403.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelihp-uxwebsphere_mqwindowsmqaixMQ
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-31821
Matching Score-4
Assigner-Octopus Deploy
ShareView Details
Matching Score-4
Assigner-Octopus Deploy
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.22%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 05:25
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When the Windows Tentacle docker image starts up it logs all the commands that it runs along with the arguments, which writes the Octopus Server API key in plaintext. This does not affect the Linux Docker image

Action-Not Available
Vendor-Microsoft CorporationOctopus Deploy Pty. Ltd.
Product-windowstentacleOctopus Tentacle
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-39078
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-4.1||MEDIUM
EPSS-0.04% / 9.54%
||
7 Day CHG~0.00%
Published-19 Apr, 2022 | 16:15
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215589.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-linux_kernelsecurity_guardiumSecurity Guardium
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-37452
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.10%
||
7 Day CHG~0.00%
Published-25 Jul, 2021 | 20:12
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating to users by reading the local .dat configuration files.

Action-Not Available
Vendor-nchn/a
Product-quorumn/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-37468
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.02% / 4.11%
||
7 Day CHG~0.00%
Published-25 Jul, 2021 | 20:08
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files.

Action-Not Available
Vendor-nchn/a
Product-reflect_customer_relationship_managementn/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2017-2723
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.14%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to information leak.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-filesFiles
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2017-20040
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.9||MEDIUM
EPSS-0.02% / 2.96%
||
7 Day CHG~0.00%
Published-11 Jun, 2022 | 10:00
Updated-15 Apr, 2025 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SICUNET Access Controller Password Storage cleartext storage

A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been declared as problematic. This vulnerability affects unknown code of the component Password Storage. The manipulation leads to weak encryption. Attacking locally is a requirement.

Action-Not Available
Vendor-sicunetSICUNET
Product-access_controlAccess Controller
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-32942
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-6.6||MEDIUM
EPSS-0.04% / 12.35%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 16:06
Updated-17 Sep, 2024 | 03:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location.

Action-Not Available
Vendor-AVEVA
Product-intouch_2017intouch_2020InTouch
CWE ID-CWE-316
Cleartext Storage of Sensitive Information in Memory
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-29904
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 3.99%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 18:05
Updated-16 Sep, 2024 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 207610.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-linux_kernelaixwindowsjazz_for_service_managementJazz for Service Management
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2011-2916
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.15%
||
7 Day CHG~0.00%
Published-15 Nov, 2019 | 17:19
Updated-06 Aug, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key used to connect to remote NX sessions.

Action-Not Available
Vendor-qtnx_projectqtnx
Product-qtnxqtnx
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-28858
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 4.98%
||
7 Day CHG~0.00%
Published-15 Jun, 2021 | 21:51
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wpa4220_firmwaretl-wpa4220n/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-27487
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.25%
||
7 Day CHG~0.00%
Published-16 Jun, 2021 | 11:59
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products contain credentials stored in plaintext. This could allow an attacker to gain access to sensitive information.

Action-Not Available
Vendor-zolln/a
Product-defibrillator_dashboardZOLL Defibrillator Dashboard
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-23182
Matching Score-4
Assigner-Gallagher Group Ltd.
ShareView Details
Matching Score-4
Assigner-Gallagher Group Ltd.
CVSS Score-6||MEDIUM
EPSS-0.03% / 5.83%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 15:46
Updated-03 Aug, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); All versions of 8.30.

Action-Not Available
Vendor-Gallagher Group Ltd.
Product-command_centreCommand Centre
CWE ID-CWE-316
Cleartext Storage of Sensitive Information in Memory
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-23827
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.18%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 23:07
Updated-03 Aug, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker.

Action-Not Available
Vendor-keybasen/aRed Hat, Inc.Microsoft CorporationApple Inc.
Product-windowsmacoslinuxkeybasen/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-53651
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-5.1||MEDIUM
EPSS-0.02% / 2.22%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 10:28
Updated-11 Feb, 2025 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300) (All versions), SIPROTEC 5 6MU85 (CP300) (All versions), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions), SIPROTEC 5 7SJ81 (CP100) (All versions), SIPROTEC 5 7SJ81 (CP150) (All versions), SIPROTEC 5 7SJ82 (CP100) (All versions), SIPROTEC 5 7SJ82 (CP150) (All versions), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions), SIPROTEC 5 7SK82 (CP100) (All versions), SIPROTEC 5 7SK82 (CP150) (All versions), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions), SIPROTEC 5 7ST86 (CP300) (All versions), SIPROTEC 5 7SX82 (CP150) (All versions), SIPROTEC 5 7SX85 (CP300) (All versions), SIPROTEC 5 7SY82 (CP150) (All versions), SIPROTEC 5 7UM85 (CP300) (All versions), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions), SIPROTEC 5 7VE85 (CP300) (All versions), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions), SIPROTEC 5 7VU85 (CP300) (All versions), SIPROTEC 5 Compact 7SX800 (CP050) (All versions). Affected devices do not encrypt certain data within the on-board flash storage on their PCB. This could allow an attacker with physical access to read the entire filesystem of the device.

Action-Not Available
Vendor-Siemens AG
Product-SIPROTEC 5 7SK85 (CP300)SIPROTEC 5 7SL87 (CP300)SIPROTEC 5 7SJ86 (CP300)SIPROTEC 5 7SK82 (CP150)SIPROTEC 5 7ST85 (CP300)SIPROTEC 5 7SJ81 (CP100)SIPROTEC 5 7SD87 (CP200)SIPROTEC 5 7SX82 (CP150)SIPROTEC 5 7UT86 (CP200)SIPROTEC 5 7VE85 (CP300)SIPROTEC 5 7SD87 (CP300)SIPROTEC 5 6MD85 (CP200)SIPROTEC 5 7SA87 (CP300)SIPROTEC 5 7SD82 (CP100)SIPROTEC 5 7SD86 (CP300)SIPROTEC 5 7SS85 (CP300)SIPROTEC 5 7SJ86 (CP200)SIPROTEC 5 7UT82 (CP100)SIPROTEC 5 7UT85 (CP300)SIPROTEC 5 6MD84 (CP300)SIPROTEC 5 7KE85 (CP300)SIPROTEC 5 7SL82 (CP150)SIPROTEC 5 6MD86 (CP300)SIPROTEC 5 7SY82 (CP150)SIPROTEC 5 7SA87 (CP200)SIPROTEC 5 7SL87 (CP200)SIPROTEC 5 7SA82 (CP100)SIPROTEC 5 7UT86 (CP300)SIPROTEC 5 7VK87 (CP200)SIPROTEC 5 7SL82 (CP100)SIPROTEC 5 7UM85 (CP300)SIPROTEC 5 7VU85 (CP300)SIPROTEC 5 7SJ85 (CP200)SIPROTEC 5 7SK85 (CP200)SIPROTEC 5 7KE85 (CP200)SIPROTEC 5 7SJ85 (CP300)SIPROTEC 5 6MD86 (CP200)SIPROTEC 5 7SA86 (CP200)SIPROTEC 5 7SK82 (CP100)SIPROTEC 5 Compact 7SX800 (CP050)SIPROTEC 5 7SJ82 (CP150)SIPROTEC 5 7SJ81 (CP150)SIPROTEC 5 6MU85 (CP300)SIPROTEC 5 7SA82 (CP150)SIPROTEC 5 6MD89 (CP300)SIPROTEC 5 7UT87 (CP300)SIPROTEC 5 7UT85 (CP200)SIPROTEC 5 7SA86 (CP300)SIPROTEC 5 7SL86 (CP200)SIPROTEC 5 7ST85 (CP200)SIPROTEC 5 6MD85 (CP300)SIPROTEC 5 7SJ82 (CP100)SIPROTEC 5 7ST86 (CP300)SIPROTEC 5 7VK87 (CP300)SIPROTEC 5 7UT87 (CP200)SIPROTEC 5 7SL86 (CP300)SIPROTEC 5 7SD82 (CP150)SIPROTEC 5 7UT82 (CP150)SIPROTEC 5 7SX85 (CP300)SIPROTEC 5 7SS85 (CP200)SIPROTEC 5 7SD86 (CP200)
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-27204
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.88%
||
7 Day CHG~0.00%
Published-12 Feb, 2021 | 07:48
Updated-03 Aug, 2024 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure.

Action-Not Available
Vendor-telegramn/aApple Inc.
Product-macostelegramn/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2021-20510
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.05% / 16.45%
||
7 Day CHG~0.00%
Published-15 Jul, 2021 | 17:15
Updated-16 Sep, 2024 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 198299

Action-Not Available
Vendor-IBM CorporationDocker, Inc.
Product-security_verify_accessdockerSecurity Verify Access Docker
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-7516
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.41%
||
7 Day CHG~0.00%
Published-23 Jul, 2020 | 20:47
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker access to login credentials.

Action-Not Available
Vendor-n/a
Product-easergy_builderEasergy Builder V1.4.7.2 and prior
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-7517
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.22%
||
7 Day CHG~0.00%
Published-23 Jul, 2020 | 20:47
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to read user credentials.

Action-Not Available
Vendor-n/a
Product-easergy_builderEasergy Builder (Version 1.4.7.2 and older)
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-6980
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-3.3||LOW
EPSS-0.01% / 0.29%
||
7 Day CHG~0.00%
Published-16 Mar, 2020 | 15:36
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim’s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-micrologix_1400_a_firmwaremicrologix_1100rslogix_500micrologix_1100_firmwaremicrologix_1400micrologix_1400_b_firmwareRockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2020-35454
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 6.04%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 14:58
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration.

Action-Not Available
Vendor-taidiin/a
Product-diibearn/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2019-6670
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.10% / 27.73%
||
7 Day CHG~0.00%
Published-27 Nov, 2019 | 21:35
Updated-04 Aug, 2024 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_edge_gatewaybig-ip_webacceleratorbig-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found