CWE-257
Storing Passwords in a Recoverable Format
The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.
CVE-2017-9942 (GCVE-0-2017-9942)
Vulnerability from cvelistv5
Published
2017-08-08 00:00
Modified
2024-08-05 17:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-257 - Storing Passwords in a Recoverable Format
Summary
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | SiPass integrated All versions before V2.70 |
Version: SiPass integrated All versions before V2.70 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:24:59.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-339433.pdf"
},
{
"name": "99578",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99578"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SiPass integrated All versions before V2.70",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "SiPass integrated All versions before V2.70"
}
]
}
],
"datePublic": "2017-08-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257: Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-08T09:57:01",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-339433.pdf"
},
{
"name": "99578",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99578"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2017-9942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SiPass integrated All versions before V2.70",
"version": {
"version_data": [
{
"version_value": "SiPass integrated All versions before V2.70"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-257: Storing Passwords in a Recoverable Format"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-339433.pdf",
"refsource": "CONFIRM",
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-339433.pdf"
},
{
"name": "99578",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99578"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2017-9942",
"datePublished": "2017-08-08T00:00:00",
"dateReserved": "2017-06-26T00:00:00",
"dateUpdated": "2024-08-05T17:24:59.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10622 (GCVE-0-2018-10622)
Vulnerability from cvelistv5
Published
2018-08-10 18:00
Modified
2025-05-22 16:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Medtronic | 24950 MyCareLink Monitor |
Version: All versions |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:47.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105042"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "24950 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "24952 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities"
}
],
"datePublic": "2018-08-07T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMedtronic MyCareLink Patient Monitor \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003euses per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T16:12:44.522Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "105042",
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-8-7-18.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
},
{
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/105042"
}
],
"source": {
"advisory": "ICSMA-18-219-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic MyCareLink 24950 Patient Monitor Storing Passwords in a Recoverable Format",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has made server-side updates to address the insufficient verification vulnerability identified in this advisory. Medtronic is implementing additional server-side mitigations to enhance data integrity and authenticity.\u003c/p\u003e\u003cp\u003eMedtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical control over the home monitor.\u003c/li\u003e\u003cli\u003eOnly use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has made server-side updates to address the insufficient verification vulnerability identified in this advisory. Medtronic is implementing additional server-side mitigations to enhance data integrity and authenticity.\n\nMedtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, users should:\n\n * Maintain good physical control over the home monitor.\n * Only use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system.\n\n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-08-07T00:00:00",
"ID": "CVE-2018-10626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink 24950, 24952 Patient Monitor",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected product\u0027s update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INSUFFICIENT VERIFICATION OF DATA AUTHENTICITY CWE-345"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105042"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10622",
"datePublished": "2018-08-10T18:00:00Z",
"dateReserved": "2018-05-01T00:00:00",
"dateUpdated": "2025-05-22T16:12:44.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5446 (GCVE-0-2018-5446)
Vulnerability from cvelistv5
Published
2018-05-04 18:00
Modified
2025-05-22 17:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Medtronic 2090 CareLink Programmer
uses a per-product username and password that is stored in a recoverable format.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Medtronic | 2090 CareLink Programmer |
Version: All versions |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:33:44.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "2090 CareLink Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "29901 Encore Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Billy Rios and Jonathan Butts of Whitescope LLC identified these vulnerabilities and reported them to CISA."
}
],
"datePublic": "2018-06-29T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic 2090 CareLink Programmer \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003euses a per-product username and password that is stored in a recoverable format. \u003c/span\u003e\n\n\n\n\u003c/p\u003e"
}
],
"value": "Medtronic 2090 CareLink Programmer \n\nuses a per-product username and password that is stored in a recoverable format."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T17:40:34.569Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/carelink-2090-29901.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-058-01"
}
],
"source": {
"advisory": "ICSMA-18-058-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic 2090 Carelink Programmer Storing Passwords in a Recoverable Format",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has assessed the vulnerabilities and determined that no new potential safety risks were identified. In order to enhance system security, Medtronic has added periodic integrity checks for files associated with the software deployment network. Additionally, Medtronic has developed server-side security changes that further enhance security. Medtronic reports that they will not be issuing a product update; however, Medtronic has identified compensating controls within this advisory to reduce the risk of exploitation and reiterates the following from the CareLink 2090 Programmer Reference Manual:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical controls over the programmer. Having a secure physical environment prevents access to the internals of the programmer.\u003c/li\u003e\u003cli\u003eOnly connect the programmer to managed, secure networks.\u003c/li\u003e\u003cli\u003eUpdate the software on the programmer when Medtronic updates are available.\u003c/li\u003e\u003cli\u003eAlternatively, disconnect the programmer from the network. Network connectivity is not required for normal programmer operation. \u003c/li\u003e\u003cli\u003eOffline updates are available, contact your Medtronic representative for more information.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has deployed mitigating patches to address the reported vulnerabilities. Medtronic has also stated that they have increased security controls associated with these vulnerabilities. As a result of the available mitigating patches, Medtronic has re-enabled the network-based software update mechanism.\u003c/p\u003e\u003cp\u003eMedtronic has stated that the patch for affected products can be obtained by contacting Medtronic Technical Services at 800\u2011638\u20111991.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eAfter additional review and risk evaluation of the affected products, Medtronic has disabled the network-based software update mechanism, including both the VPN and the HTTP subservices, as an immediate security mitigation. Users should not attempt to update the affected products over the network as this update mechanism is vulnerable to the attack described in section 4.2.3. Medtronic will continue to implement and deploy increased security protections and mitigations to address the vulnerabilities in this advisory.\u003c/p\u003e\u003cp\u003eUsers should still obtain and apply updates via controlled USB dongles and should contact their Medtronic representative for more information.\u003c/p\u003e\u003cp\u003eMedtronic recommends that affected products continue to be used for their intended purpose in the previously described manner.\u003cbr\u003e\u003cbr\u003eMedtronic has released a security bulletin for the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003e2090 CareLink Programmer\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has assessed the vulnerabilities and determined that no new potential safety risks were identified. In order to enhance system security, Medtronic has added periodic integrity checks for files associated with the software deployment network. Additionally, Medtronic has developed server-side security changes that further enhance security. Medtronic reports that they will not be issuing a product update; however, Medtronic has identified compensating controls within this advisory to reduce the risk of exploitation and reiterates the following from the CareLink 2090 Programmer Reference Manual:\n\n * Maintain good physical controls over the programmer. Having a secure physical environment prevents access to the internals of the programmer.\n * Only connect the programmer to managed, secure networks.\n * Update the software on the programmer when Medtronic updates are available.\n * Alternatively, disconnect the programmer from the network. Network connectivity is not required for normal programmer operation. \n * Offline updates are available, contact your Medtronic representative for more information.\n\n\nMedtronic has deployed mitigating patches to address the reported vulnerabilities. Medtronic has also stated that they have increased security controls associated with these vulnerabilities. As a result of the available mitigating patches, Medtronic has re-enabled the network-based software update mechanism.\n\nMedtronic has stated that the patch for affected products can be obtained by contacting Medtronic Technical Services at 800\u2011638\u20111991.\n\n\nAfter additional review and risk evaluation of the affected products, Medtronic has disabled the network-based software update mechanism, including both the VPN and the HTTP subservices, as an immediate security mitigation. Users should not attempt to update the affected products over the network as this update mechanism is vulnerable to the attack described in section 4.2.3. Medtronic will continue to implement and deploy increased security protections and mitigations to address the vulnerabilities in this advisory.\n\nUsers should still obtain and apply updates via controlled USB dongles and should contact their Medtronic representative for more information.\n\nMedtronic recommends that affected products continue to be used for their intended purpose in the previously described manner.\n\nMedtronic has released a security bulletin for the 2090 CareLink Programmer https://www.medtronic.com/security ."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-06-29T00:00:00",
"ID": "CVE-2018-10596",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic 2090 CareLink Programmer",
"version": {
"version_data": [
{
"version_value": "2090 CareLink Programmer, all versions."
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic 2090 CareLink Programmer all versions The affected product uses a virtual private network connection to securely download updates. The product does not verify it is still connected to this virtual private network before downloading updates. An attacker with local network access to the programmer could influence these communications."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER RESTRICTION OF COMMUNICATION CHANNEL TO INTENDED ENDPOINTS CWE-923"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-5446",
"datePublished": "2018-05-04T18:00:00Z",
"dateReserved": "2018-01-12T00:00:00",
"dateUpdated": "2025-05-22T17:40:34.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1010241 (GCVE-0-2019-1010241)
Vulnerability from cvelistv5
Published
2019-07-19 16:36
Modified
2024-08-05 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-257 - Storing Passwords in a Recoverable Format
Summary
Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line #30 (passwordVariable). The attack vector is: Attacker creates and executes a Jenkins job.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins Credentials Binding Plugin | Jenkins |
Version: 1.17 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.google.com/document/d/1MBEoJSMvkjp5Kua0bRD_kiDBisL0fOCwTL9uMWj4lGA/edit?usp=sharing"
},
{
"name": "109320",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109320"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins",
"vendor": "Jenkins Credentials Binding Plugin",
"versions": [
{
"status": "affected",
"version": "1.17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line #30 (passwordVariable). The attack vector is: Attacker creates and executes a Jenkins job."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257: Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-26T07:06:04",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.google.com/document/d/1MBEoJSMvkjp5Kua0bRD_kiDBisL0fOCwTL9uMWj4lGA/edit?usp=sharing"
},
{
"name": "109320",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109320"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value": "1.17"
}
]
}
}
]
},
"vendor_name": "Jenkins Credentials Binding Plugin"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line #30 (passwordVariable). The attack vector is: Attacker creates and executes a Jenkins job."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-257: Storing Passwords in a Recoverable Format"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.google.com/document/d/1MBEoJSMvkjp5Kua0bRD_kiDBisL0fOCwTL9uMWj4lGA/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/document/d/1MBEoJSMvkjp5Kua0bRD_kiDBisL0fOCwTL9uMWj4lGA/edit?usp=sharing"
},
{
"name": "109320",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109320"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010241",
"datePublished": "2019-07-19T16:36:02",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18256 (GCVE-0-2019-18256)
Vulnerability from cvelistv5
Published
2020-06-29 13:56
Modified
2024-08-05 01:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-257 - STORING PASSWORDS IN A RECOVERABLE FORMAT
Summary
BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that are stored in a recoverable format. An attacker with physical access to the CardioMessenger can use these credentials for network authentication and decryption of local data in transit.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | BIOTRONIK CardioMessenger II-S T-Line, CardioMessenger II-S GSM |
Version: CardioMessenger II-S T-Line T4APP 2.20, CardioMessenger II-S GSM T4APP 2.20 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:14.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIOTRONIK CardioMessenger II-S T-Line, CardioMessenger II-S GSM",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "CardioMessenger II-S T-Line T4APP 2.20, CardioMessenger II-S GSM T4APP 2.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that are stored in a recoverable format. An attacker with physical access to the CardioMessenger can use these credentials for network authentication and decryption of local data in transit."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "STORING PASSWORDS IN A RECOVERABLE FORMAT CWE-257",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-29T13:56:28",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-05"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-18256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIOTRONIK CardioMessenger II-S T-Line, CardioMessenger II-S GSM",
"version": {
"version_data": [
{
"version_value": "CardioMessenger II-S T-Line T4APP 2.20, CardioMessenger II-S GSM T4APP 2.20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that are stored in a recoverable format. An attacker with physical access to the CardioMessenger can use these credentials for network authentication and decryption of local data in transit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "STORING PASSWORDS IN A RECOVERABLE FORMAT CWE-257"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsma-20-170-05",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-05"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-18256",
"datePublished": "2020-06-29T13:56:28",
"dateReserved": "2019-10-22T00:00:00",
"dateUpdated": "2024-08-05T01:47:14.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19096 (GCVE-0-2019-19096)
Vulnerability from cvelistv5
Published
2020-04-02 19:48
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-257 - Storing Passwords in a Recoverable Format
Summary
The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "eSOMS",
"vendor": "ABB",
"versions": [
{
"status": "affected",
"version": "6.0 to 6.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials\u0027 confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257 Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-02T19:48:02",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ABB eSOMS: REDIS clear text credentials",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@ch.abb.com",
"ID": "CVE-2019-19096",
"STATE": "PUBLIC",
"TITLE": "ABB eSOMS: REDIS clear text credentials"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eSOMS",
"version": {
"version_data": [
{
"version_value": "6.0 to 6.0.2"
}
]
}
}
]
},
"vendor_name": "ABB"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials\u0027 confidentiality."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-257 Storing Passwords in a Recoverable Format"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A9964\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2019-19096",
"datePublished": "2020-04-02T19:48:02",
"dateReserved": "2019-11-18T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3736 (GCVE-0-2019-3736)
Vulnerability from cvelistv5
Published
2019-09-27 20:19
Modified
2024-09-17 04:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-257 - Storing Passwords in a Recoverable Format
Summary
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | Integrated Data Protection Appliance |
Version: prior to 2.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-Vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Integrated Data Protection Appliance",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "prior to 2.3"
}
]
}
],
"datePublic": "2019-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257: Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-27T20:19:45",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-Vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2019-08-08",
"ID": "CVE-2019-3736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Integrated Data Protection Appliance",
"version": {
"version_data": [
{
"version_value": "prior to 2.3"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.2,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-257: Storing Passwords in a Recoverable Format"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-Vulnerabilities",
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-Vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2019-3736",
"datePublished": "2019-09-27T20:19:45.429008Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-17T04:10:25.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5615 (GCVE-0-2019-5615)
Vulnerability from cvelistv5
Published
2019-04-09 15:27
Modified
2024-09-17 03:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-257
- Storing Passwords in a Recoverable Format
Summary
Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. Valid credentials are required to access these files and malicious users would still need to perform additional work to decrypt the credentials and escalate privileges. This issue affects: Rapid7 InsightVM versions 6.5.11 through 6.5.49.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "InsightVM",
"vendor": "Rapid7",
"versions": [
{
"lessThanOrEqual": "6.5.49",
"status": "affected",
"version": "6.5.49",
"versionType": "custom"
},
{
"lessThan": "6.5.11*",
"status": "affected",
"version": "6.5.11",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered, and reported to Rapid7, by Robert Elliott from IBM Security. It is being disclosed in accordance Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
}
],
"datePublic": "2019-01-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. Valid credentials are required to access these files and malicious users would still need to perform additional work to decrypt the credentials and escalate privileges. This issue affects: Rapid7 InsightVM versions 6.5.11 through 6.5.49."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-09T15:27:05",
"orgId": "9974b330-7714-4307-a722-5648477acda7",
"shortName": "rapid7"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50"
}
],
"solutions": [
{
"lang": "en",
"value": "Update the Security Console to version 6.5.50 or later."
}
],
"source": {
"defect": [
"NEX-51442"
],
"discovery": "USER"
},
"title": "Rapid7 InsightVM Stored Credential Exposure",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@rapid7.com",
"DATE_PUBLIC": "2019-01-30T14:00:00.000Z",
"ID": "CVE-2019-5615",
"STATE": "PUBLIC",
"TITLE": "Rapid7 InsightVM Stored Credential Exposure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "InsightVM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "6.5.49",
"version_value": "6.5.49"
},
{
"version_affected": "\u003e=",
"version_name": "6.5.11",
"version_value": "6.5.11"
}
]
}
}
]
},
"vendor_name": "Rapid7"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was discovered, and reported to Rapid7, by Robert Elliott from IBM Security. It is being disclosed in accordance Rapid7\u0027s vulnerability disclosure policy (https://www.rapid7.com/disclosure/)."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. Valid credentials are required to access these files and malicious users would still need to perform additional work to decrypt the credentials and escalate privileges. This issue affects: Rapid7 InsightVM versions 6.5.11 through 6.5.49."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-257"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Storing Passwords in a Recoverable Format"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50",
"refsource": "CONFIRM",
"url": "https://help.rapid7.com/insightvm/en-us/release-notes/#6.5.50"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update the Security Console to version 6.5.50 or later."
}
],
"source": {
"defect": [
"NEX-51442"
],
"discovery": "USER"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
"assignerShortName": "rapid7",
"cveId": "CVE-2019-5615",
"datePublished": "2019-04-09T15:27:05.703271Z",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-09-17T03:02:06.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6567 (GCVE-0-2019-6567)
Vulnerability from cvelistv5
Published
2019-06-12 13:47
Modified
2024-08-04 20:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-257 - Storing Passwords in a Recoverable Format
Summary
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions < V5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3), SCALANCE X-414-3E (All versions). The affected devices store passwords in a recoverable format. An attacker may extract and recover device passwords from the device configuration. Successful exploitation requires access to a device configuration backup and impacts confidentiality of the stored passwords.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Siemens | SCALANCE X-200 switch family (incl. SIPLUS NET variants) |
Version: All Versions < V5.2.4 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-646841.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions \u003c V5.2.4"
}
]
},
{
"product": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.0"
}
]
},
{
"product": "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.1.3"
}
]
},
{
"product": "SCALANCE X-414-3E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions \u003c V5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3), SCALANCE X-414-3E (All versions). The affected devices store passwords in a recoverable format. An attacker may extract and recover device passwords from the device configuration. Successful exploitation requires access to a device configuration backup and impacts confidentiality of the stored passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257: Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-09T15:38:17",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-646841.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-6567",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All Versions \u003c V5.2.4"
}
]
}
},
{
"product_name": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.5.0"
}
]
}
},
{
"product_name": "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.1.3"
}
]
}
},
{
"product_name": "SCALANCE X-414-3E",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All Versions \u003c V5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.5.0), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3), SCALANCE X-414-3E (All versions). The affected devices store passwords in a recoverable format. An attacker may extract and recover device passwords from the device configuration. Successful exploitation requires access to a device configuration backup and impacts confidentiality of the stored passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-257: Storing Passwords in a Recoverable Format"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-646841.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-646841.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-6567",
"datePublished": "2019-06-12T13:47:56",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8296 (GCVE-0-2020-8296)
Vulnerability from cvelistv5
Published
2021-03-03 17:40
Modified
2024-08-04 09:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-257 - Storing Passwords in a Recoverable Format ()
Summary
Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Nextcloud Server |
Version: Fixed in 20.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:56:28.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/867164"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nextcloud/server/pull/21037"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nextcloud/server/issues/17439"
},
{
"name": "FEDORA-2021-eac0e52f88",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nextcloud Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 20.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "Storing Passwords in a Recoverable Format (CWE-257)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-09T08:08:37",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/867164"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/server/pull/21037"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/server/issues/17439"
},
{
"name": "FEDORA-2021-eac0e52f88",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2020-8296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Nextcloud Server",
"version": {
"version_data": [
{
"version_value": "Fixed in 20.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Storing Passwords in a Recoverable Format (CWE-257)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/867164",
"refsource": "MISC",
"url": "https://hackerone.com/reports/867164"
},
{
"name": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-006",
"refsource": "MISC",
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2021-006"
},
{
"name": "https://github.com/nextcloud/server/pull/21037",
"refsource": "MISC",
"url": "https://github.com/nextcloud/server/pull/21037"
},
{
"name": "https://github.com/nextcloud/server/issues/17439",
"refsource": "MISC",
"url": "https://github.com/nextcloud/server/issues/17439"
},
{
"name": "FEDORA-2021-eac0e52f88",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6BO6P6MP2MOWA6PZRXX32PLWPXN5O4S/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2020-8296",
"datePublished": "2021-03-03T17:40:33",
"dateReserved": "2020-01-28T00:00:00",
"dateUpdated": "2024-08-04T09:56:28.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Use strong, non-reversible encryption to protect stored passwords.
CAPEC-49: Password Brute Forcing
An adversary tries every possible value for a password until they succeed. A brute force attack, if feasible computationally, will always be successful because it will essentially go through all possible passwords given the alphabet used (lower case letters, upper case letters, numbers, symbols, etc.) and the maximum length of the password.