Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-0690

Summary
Assigner-HashiCorp
Assigner Org ID-67fedba0-ff2e-4543-ba5b-aa93e87718cc
Published At-08 Feb, 2023 | 18:27
Updated At-24 Mar, 2025 | 20:50
Rejected At-
Credits

Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk. This issue is fixed in version 0.12.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:HashiCorp
Assigner Org ID:67fedba0-ff2e-4543-ba5b-aa93e87718cc
Published At:08 Feb, 2023 | 18:27
Updated At:24 Mar, 2025 | 20:50
Rejected At:
▼CVE Numbering Authority (CNA)
Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk. This issue is fixed in version 0.12.0.

Affected Products
Vendor
HashiCorp, Inc.HashiCorp
Product
Boundary
Repo
https://github.com/hashicorp/boundary
Platforms
  • Windows
  • MacOS
  • x86
  • ARM
  • 64 bit
  • Linux
  • 32 bit
Default Status
unaffected
Versions
Affected
  • From 0.10.0 through 0.11.2 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-312CWE-312 Cleartext Storage of Sensitive Information
Type: CWE
CWE ID: CWE-312
Description: CWE-312 Cleartext Storage of Sensitive Information
Metrics
VersionBase scoreBase severityVector
3.15.0MEDIUM
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-37CAPEC-37 Retrieve Embedded Sensitive Data
CAPEC ID: CAPEC-37
Description: CAPEC-37 Retrieve Embedded Sensitive Data
Solutions

Upgrade to Boundary 0.12.0. After upgrading, users should do one of the following to remediate the issue: * Wait for next worker authentication rotation to occur, typically within one week, at which point the new credentials should be properly encrypted. * Delete the worker from the system and re-authorize it, forcing the worker to generate a new set of credentials immediately, which will be encrypted.

Configurations

This requires running a Boundary worker using the PKI-based authenticated method and defining a Key Management System (KMS) for worker auth storage.

Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907
N/A
Hyperlink: https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907
x_transferred
Hyperlink: https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@hashicorp.com
Published At:08 Feb, 2023 | 19:15
Updated At:07 Nov, 2023 | 04:01

HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk. This issue is fixed in version 0.12.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.1HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Secondary3.15.0MEDIUM
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Type: Secondary
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N
CPE Matches
HashiCorp, Inc.
hashicorp
>>boundary>>Versions from 0.10.0(inclusive) to 0.12.0(exclusive)
cpe:2.3:a:hashicorp:boundary:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-311Primarynvd@nist.gov
CWE-312Secondarysecurity@hashicorp.com
CWE ID: CWE-311
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-312
Type: Secondary
Source: security@hashicorp.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907security@hashicorp.com
Vendor Advisory
Hyperlink: https://discuss.hashicorp.com/t/hcsec-2023-03-boundary-workers-store-rotated-credentials-in-plaintext-even-when-key-management-service-configured/49907
Source: security@hashicorp.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

8Records found
CVE-2023-25000
Matching Score-8
Assigner-HashiCorp Inc.
ShareView Details
Matching Score-8
Assigner-HashiCorp Inc.
CVSS Score-5||MEDIUM
EPSS-0.03% / 7.91%
||
7 Day CHG~0.00%
Published-30 Mar, 2023 | 00:17
Updated-13 Feb, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations

HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a brute force effort to recover the Shamir shares. Fixed in Vault 1.13.1, 1.12.5, and 1.11.9.

Action-Not Available
Vendor-HashiCorp, Inc.
Product-vaultVault EnterpriseVault
CWE ID-CWE-208
Observable Timing Discrepancy
CWE ID-CWE-203
Observable Discrepancy
CVE-2024-50570
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.01% / 0.84%
||
7 Day CHG~0.00%
Published-18 Dec, 2024 | 12:44
Updated-27 Aug, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve VPN password via memory dump, due to JavaScript's garbage collector

Action-Not Available
Vendor-Fortinet, Inc.
Product-FortiClientMacFortiClientLinuxFortiClientWindows
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-6785
Matching Score-4
Assigner-Moxa Inc.
ShareView Details
Matching Score-4
Assigner-Moxa Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 5.86%
||
7 Day CHG~0.00%
Published-21 Sep, 2024 | 04:07
Updated-27 Sep, 2024 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MXview One and MXview One Central Manager Series store cleartext credentials in a local file

The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.

Action-Not Available
Vendor-Moxa Inc.
Product-mxview_onemxview_one_central_managerMXview One Central Manager SeriesMXview One Series
CWE ID-CWE-313
Cleartext Storage in a File or on Disk
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2022-34388
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.1||HIGH
EPSS-0.04% / 11.61%
||
7 Day CHG~0.00%
Published-10 Feb, 2023 | 20:18
Updated-26 Mar, 2025 | 15:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and  SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected application.

Action-Not Available
Vendor-Dell Inc.
Product-supportassist_for_business_pcssupportassist_for_home_pcsSupportAssist
CWE ID-CWE-318
Cleartext Storage of Sensitive Information in Executable
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2025-3395
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.38%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 12:40
Updated-28 May, 2025 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.

Action-Not Available
Vendor-ABB
Product-automation_builderAutomation Builder
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-27706
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.07% / 21.48%
||
7 Day CHG~0.00%
Published-09 Jun, 2023 | 00:00
Updated-06 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Bitwarden Windows desktop application versions prior to v2023.4.0 store biometric keys in Windows Credential Manager, accessible to other local unprivileged processes.

Action-Not Available
Vendor-bitwardenn/a
Product-bitwardenn/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-56362
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-0.02% / 3.19%
||
7 Day CHG~0.00%
Published-23 Dec, 2024 | 17:19
Updated-26 Aug, 2025 | 01:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Navidrome Stores JWT Secret in Plaintext in navidrome.db

Navidrome is an open source web-based music collection server and streamer. Navidrome stores the JWT secret in plaintext in the navidrome.db database file under the property table. This practice introduces a security risk because anyone with access to the database file can retrieve the secret. This vulnerability is fixed in 0.54.1.

Action-Not Available
Vendor-navidromenavidrome
Product-navidromenavidrome
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2023-33037
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 7.58%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-17 Jun, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cryptographic Issues in Automotive

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformwsa8830sa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqca8337qam8650pqca6431_firmwareqam8775psnapdragon_870_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformsnapdragon_888_5g_mobile_platformwcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwarewcd9370ssg2115pqca6426wcd9385_firmwareqam8295pwcn3950qcn6024_firmwarefastconnect_6200sd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350qam8295p_firmwaresa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574au_firmwareqca6595auqca8081_firmwarewcd9375_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_870_5g_mobile_platformqca6698aqsa4155p_firmwareqcs8550_firmwaresnapdragon_765g_5g_mobile_platformwcn3988_firmwaresa6145p_firmwareqca6421snapdragon_8\+_gen_1_mobile_platformfastconnect_6700_firmwaresa8195pwsa8810_firmwareqca6436snapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresa6155psg4150pqca8081snapdragon_765_5g_mobile_platform_firmwareqca6698aq_firmwareqcm4490snapdragon_888\+_5g_mobile_platformwcd9385sxr2130_firmwareqam8775p_firmwaresa8255pqca6431qca6696_firmwareqca6797aqar8035wcd9375sa8150psnapdragon_685_4g_mobile_platformsnapdragon_768g_5g_mobile_platform_firmwarewsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresa8295p_firmwaresa4150psg4150p_firmwareqcm4325qca8337_firmwarewcd9380_firmwaressg2125psd865_5gfastconnect_6800qca6595wsa8835qca6574sxr1230p_firmwaresa8540p_firmwaresd_8_gen1_5gwcd9380fastconnect_6700ssg2125p_firmwaresxr2130qca6574asxr1230pqcm4325_firmwaresa9000pqca6574_firmwarewsa8815sxr2230psnapdragon_865\+_5g_mobile_platformsnapdragon_xr2_5g_platform_firmwareqca6426_firmwaresm4450qca6574a_firmwarefastconnect_6200_firmwareqcn9024snapdragon_x55_5g_modem-rf_system_firmwareqca6391snapdragon_8cx_gen_3_compute_platform_firmwaresa8295pqca6421_firmwarefastconnect_7800snapdragon_865\+_5g_mobile_platform_firmwareqcm4490_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwsa8832_firmwarefastconnect_6900fastconnect_6900_firmwareqca6797aq_firmwareqca6574ausa8155p_firmwareqcn9024_firmwarefastconnect_7800_firmwarewsa8810snapdragon_765g_5g_mobile_platform_firmwarewsa8832sa8540psnapdragon_8cx_gen_3_compute_platformsnapdragon_680_4g_mobile_platformsnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_ar2_gen_1_platformsa6145pqam8650p_firmwareqcs4490qca6595_firmwaresa8145pqca6696snapdragon_888\+_5g_mobile_platform_firmwareqca6391_firmwareqcs8550sa4150p_firmwarewcd9370_firmwaresa6150psnapdragon_768g_5g_mobile_platformsa8155pqcn6024snapdragon_765_5g_mobile_platformsm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaressg2115p_firmwareqam8255psa4155par8035_firmwareSnapdragon
CWE ID-CWE-310
Not Available
CWE ID-CWE-311
Missing Encryption of Sensitive Data
Details not found