CWE-313
Cleartext Storage in a File or on Disk
The product stores sensitive information in cleartext in a file, or on disk.
CVE-2016-6538 (GCVE-0-2016-6538)
Vulnerability from cvelistv5
Published
2018-07-06 21:00
Modified
2024-08-06 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ► | TrackR | Bravo Mobile Application | ||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:27.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93874",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93874"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/TNOY-AF3KCZ"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
},
{
"name": "VU#617567",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/617567"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"iOS"
],
"product": "Bravo Mobile Application",
"vendor": "TrackR",
"versions": [
{
"status": "unaffected",
"version": "5.1.6"
}
]
},
{
"platforms": [
"Android"
],
"product": "Bravo Mobile Application",
"vendor": "TrackR",
"versions": [
{
"status": "unaffected",
"version": "2.2.5"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability."
}
],
"datePublic": "2016-10-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313: Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-07T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "93874",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93874"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/TNOY-AF3KCZ"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
},
{
"name": "VU#617567",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/617567"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "TrackR Bravo mobile application stores account passwords in cleartext",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-6538",
"STATE": "PUBLIC",
"TITLE": "TrackR Bravo mobile application stores account passwords in cleartext"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Bravo Mobile Application",
"version": {
"version_data": [
{
"affected": "!",
"platform": "iOS",
"version_affected": "!",
"version_value": "5.1.6"
},
{
"affected": "!",
"platform": "Android",
"version_affected": "!",
"version_value": "2.2.5"
}
]
}
}
]
},
"vendor_name": "TrackR"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-313: Cleartext Storage in a File or on Disk"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93874"
},
{
"name": "https://www.kb.cert.org/vuls/id/TNOY-AF3KCZ",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/TNOY-AF3KCZ"
},
{
"name": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/",
"refsource": "MISC",
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
},
{
"name": "VU#617567",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/617567"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-6538",
"datePublished": "2018-07-06T21:00:00",
"dateReserved": "2016-08-03T00:00:00",
"dateUpdated": "2024-08-06T01:36:27.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6546 (GCVE-0-2016-6546)
Vulnerability from cvelistv5
Published
2018-07-13 20:00
Modified
2024-08-06 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:27.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#974055",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/974055"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
},
{
"name": "93875",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93875"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Easy",
"vendor": "iTrack",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability."
}
],
"datePublic": "2016-10-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313: Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#974055",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/974055"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
},
{
"name": "93875",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93875"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "iTrack Easy mobile application stores the user password in base-64 encoding/cleartext",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-6546",
"STATE": "PUBLIC",
"TITLE": "iTrack Easy mobile application stores the user password in base-64 encoding/cleartext"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Easy",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
}
]
},
"vendor_name": "iTrack"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-313: Cleartext Storage in a File or on Disk"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#974055",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/974055"
},
{
"name": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/",
"refsource": "MISC",
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
},
{
"name": "93875",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93875"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-6546",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2016-08-03T00:00:00",
"dateUpdated": "2024-08-06T01:36:27.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6547 (GCVE-0-2016-6547)
Vulnerability from cvelistv5
Published
2018-07-13 20:00
Modified
2024-08-06 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Zizai Technology | Tech Nut Mobile Application |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:27.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93877",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/93877"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
},
{
"name": "VU#402847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/402847"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tech Nut Mobile Application",
"vendor": "Zizai Technology",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability."
}
],
"datePublic": "2016-10-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313: Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-13T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "93877",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/93877"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
},
{
"name": "VU#402847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/402847"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Zizai Tech Nut stores the account password in cleartext",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-6547",
"STATE": "PUBLIC",
"TITLE": "Zizai Tech Nut stores the account password in cleartext"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tech Nut Mobile Application",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
}
]
},
"vendor_name": "Zizai Technology"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Deral Heiland and Adam Compton of Rapid7, Inc. for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-313: Cleartext Storage in a File or on Disk"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93877",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/93877"
},
{
"name": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/",
"refsource": "MISC",
"url": "https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/"
},
{
"name": "VU#402847",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/402847"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-6547",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2016-08-03T00:00:00",
"dateUpdated": "2024-08-06T01:36:27.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19291 (GCVE-0-2019-19291)
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain
log files that store login credentials in cleartext.
In configurations where the FTP service is enabled, authenticated remote
attackers could extract login credentials of other users of the service.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Siemens | Control Center Server (CCS) |
Version: All versions < V1.5.0 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Control Center Server (CCS)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.5.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SiNVR/SiVMS Video Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Control Center Server (CCS) (All versions \u003c V1.5.0), SiNVR/SiVMS Video Server (All versions \u003c V5.0.0). The FTP services of the SiVMS/SiNVR Video Server and the Control Center Server (CCS) maintain\nlog files that store login credentials in cleartext.\nIn configurations where the FTP service is enabled, authenticated remote\nattackers could extract login credentials of other users of the service."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313: Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T09:56:19.475Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19291",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0114 (GCVE-0-2023-0114)
Vulnerability from cvelistv5
Published
2023-01-07 08:24
Modified
2024-08-02 05:02
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
A vulnerability was found in Netis Netcore Router. It has been rated as problematic. Affected by this issue is some unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to cleartext storage in a file or on disk. Local access is required to approach this attack. The identifier of this vulnerability is VDB-217592.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Netis | Netcore Router |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:02:43.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217592"
},
{
"tags": [
"signature",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217592"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"modules": [
"Backup Handler"
],
"product": "Netcore Router",
"vendor": "Netis",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Netis Netcore Router. It has been rated as problematic. Affected by this issue is some unknown functionality of the file param.file.tgz of the component Backup Handler. The manipulation leads to cleartext storage in a file or on disk. Local access is required to approach this attack. The identifier of this vulnerability is VDB-217592."
},
{
"lang": "de",
"value": "Eine problematische Schwachstelle wurde in Netis Netcore Router ausgemacht. Dies betrifft einen unbekannten Teil der Datei param.file.tgz der Komponente Backup Handler. Dank Manipulation mit unbekannten Daten kann eine cleartext storage in a file or on disk-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313 Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T18:05:37.068Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217592"
},
{
"tags": [
"signature"
],
"url": "https://vuldb.com/?ctiid.217592"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-07T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-01-07T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-01-07T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-01-29T15:28:16.000Z",
"value": "VulDB entry last update"
}
],
"title": "Netis Netcore Router Backup param.file.tgz cleartext storage in a file or on disk"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-0114",
"datePublished": "2023-01-07T08:24:17.736Z",
"dateReserved": "2023-01-07T08:23:17.744Z",
"dateUpdated": "2024-08-02T05:02:43.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2863 (GCVE-0-2023-2863)
Vulnerability from cvelistv5
Published
2023-05-24 10:00
Modified
2025-01-16 15:41
Severity ?
2.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
2.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
2.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229819.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Simple Design | Daily Journal |
Version: 1.012.GP.B |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:33:05.677Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.229819"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.229819"
},
{
"tags": [
"exploit",
"media-coverage",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=V0u9C5RVSic"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2863",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T15:41:30.563602Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T15:41:49.473Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SQLite Database"
],
"product": "Daily Journal",
"vendor": "Simple Design",
"versions": [
{
"status": "affected",
"version": "1.012.GP.B"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "Gab3 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229819."
},
{
"lang": "de",
"value": "In Simple Design Daily Journal 1.012.GP.B f\u00fcr Android wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Komponente SQLite Database. Durch das Manipulieren mit unbekannten Daten kann eine cleartext storage in a file or on disk-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.4,
"vectorString": "AV:L/AC:L/Au:M/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313 Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-23T06:53:52.317Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.229819"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.229819"
},
{
"tags": [
"exploit",
"media-coverage"
],
"url": "https://www.youtube.com/watch?v=V0u9C5RVSic"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-05-24T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-05-24T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-05-24T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-06-17T08:03:58.000Z",
"value": "VulDB entry last update"
}
],
"title": "Simple Design Daily Journal SQLite Database cleartext storage in a file or on disk"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-2863",
"datePublished": "2023-05-24T10:00:04.517Z",
"dateReserved": "2023-05-24T09:33:33.773Z",
"dateUpdated": "2025-01-16T15:41:49.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35699 (GCVE-0-2023-35699)
Vulnerability from cvelistv5
Published
2023-07-10 09:39
Modified
2024-10-25 19:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:30:44.141Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
},
{
"tags": [
"x_csaf",
"x_transferred"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T19:50:31.404610Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T19:51:39.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ICR890-4",
"vendor": "SICK AG",
"versions": [
{
"lessThan": "2.5.0",
"status": "affected",
"version": "0",
"versionType": "*"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "\n\nCleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.\n\n\n"
}
],
"value": "\nCleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313 Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-10T09:40:55.151Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
},
{
"tags": [
"x_csaf"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
}
],
"source": {
"discovery": "INTERNAL"
},
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nPlease make sure that you apply general security practices when operating the SICK ICR890-\n4 like restricting physical access to the device. The following general security practices could mitigate\nthe associated security risk.\n\n\n\u003cbr\u003e"
}
],
"value": "\nPlease make sure that you apply general security practices when operating the SICK ICR890-\n4 like restricting physical access to the device. The following general security practices could mitigate\nthe associated security risk.\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2023-35699",
"datePublished": "2023-07-10T09:39:45.804Z",
"dateReserved": "2023-06-15T11:32:19.767Z",
"dateUpdated": "2024-10-25T19:51:39.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4066 (GCVE-0-2023-4066)
Vulnerability from cvelistv5
Published
2023-09-27 20:54
Modified
2024-11-22 23:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Red Hat | RHEL-8 based Middleware Containers |
Unaffected: 7.11.1-9 < * cpe:/a:redhat:rhosemc:1.0::el8 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4066",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T14:33:59.030071Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T14:34:07.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:17:11.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2023:4720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:4720"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4066"
},
{
"name": "RHBZ#2224677",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "amq7/amq-broker-rhel8-operator",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.11.1-9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
],
"defaultStatus": "affected",
"packageName": "amq7/amq-broker-rhel8-operator-bundle",
"product": "RHEL-8 based Middleware Containers",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7.11.1-12",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:amq_broker:7"
],
"defaultStatus": "affected",
"packageName": "activemq-broker-operator",
"product": "Red Hat AMQ Broker 7",
"vendor": "Red Hat"
}
],
"datePublic": "2023-08-23T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Red Hat\u0027s AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T23:58:09.296Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2023:4720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:4720"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4066"
},
{
"name": "RHBZ#2224677",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224677"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-07-21T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-08-23T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Operator: passwords defined in secrets shown in statefulset yaml",
"x_redhatCweChain": "CWE-313: Cleartext Storage in a File or on Disk"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4066",
"datePublished": "2023-09-27T20:54:42.212Z",
"dateReserved": "2023-08-01T18:02:36.130Z",
"dateUpdated": "2024-11-22T23:58:09.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20448 (GCVE-0-2024-20448)
Vulnerability from cvelistv5
Published
2024-10-02 16:54
Modified
2024-10-02 17:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensitive information.
This vulnerability is due to the improper storage of sensitive information within config only and full backup files. An attacker could exploit this vulnerability by parsing the contents of a backup file that is generated from an affected device. A successful exploit could allow the attacker to access sensitive information, including NDFC-connected device credentials, the NDFC site manager private key, and the scheduled backup file encryption key.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Data Center Network Manager |
Version: 11.2(1) Version: 7.0(2) Version: 10.3(2)IPFM Version: 10.1(1) Version: 7.2(3) Version: 7.2(2) Version: 7.2(1) Version: 11.0(1) Version: 10.4(1) Version: 10.2(1) Version: 7.2(2a) Version: 10.1(2) Version: 7.1(1) Version: 12.1(1) Version: 11.1(1) Version: 10.3(1) Version: 10.3(1)R(1) Version: 7.0(1) Version: 10.0(1) Version: 7.1(2) Version: 11.4(1) Version: 10.4(2) Version: 11.3(1) Version: 11.5(1) Version: 11.5(2) Version: 11.5(3) Version: 12.0.1a Version: 11.5(3a) Version: 12.0.2d Version: 12.0.2f Version: 11.5(4) Version: 12.1.1 Version: 12.1.1e Version: 12.1.1p Version: 12.1.2e Version: 12.1.2p Version: 12.1.3b Version: 12.2.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20448",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:18:00.355679Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:26:28.808Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Data Center Network Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.2(1)"
},
{
"status": "affected",
"version": "7.0(2)"
},
{
"status": "affected",
"version": "10.3(2)IPFM"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "7.2(3)"
},
{
"status": "affected",
"version": "7.2(2)"
},
{
"status": "affected",
"version": "7.2(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.2(2a)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "7.1(1)"
},
{
"status": "affected",
"version": "12.1(1)"
},
{
"status": "affected",
"version": "11.1(1)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.3(1)R(1)"
},
{
"status": "affected",
"version": "7.0(1)"
},
{
"status": "affected",
"version": "10.0(1)"
},
{
"status": "affected",
"version": "7.1(2)"
},
{
"status": "affected",
"version": "11.4(1)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "11.3(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(2)"
},
{
"status": "affected",
"version": "11.5(3)"
},
{
"status": "affected",
"version": "12.0.1a"
},
{
"status": "affected",
"version": "11.5(3a)"
},
{
"status": "affected",
"version": "12.0.2d"
},
{
"status": "affected",
"version": "12.0.2f"
},
{
"status": "affected",
"version": "11.5(4)"
},
{
"status": "affected",
"version": "12.1.1"
},
{
"status": "affected",
"version": "12.1.1e"
},
{
"status": "affected",
"version": "12.1.1p"
},
{
"status": "affected",
"version": "12.1.2e"
},
{
"status": "affected",
"version": "12.1.2p"
},
{
"status": "affected",
"version": "12.1.3b"
},
{
"status": "affected",
"version": "12.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensitive information.\r\n\r\nThis vulnerability is due to the improper storage of sensitive information within config only and full backup files. An attacker could exploit this vulnerability by parsing the contents of a backup file that is generated from an affected device. A successful exploit could allow the attacker to access sensitive information, including NDFC-connected device credentials, the NDFC site manager private key, and the scheduled backup file encryption key."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:54:17.748Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ndfc-cidv-XvyX2wLj",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cidv-XvyX2wLj"
}
],
"source": {
"advisory": "cisco-sa-ndfc-cidv-XvyX2wLj",
"defects": [
"CSCwj87786"
],
"discovery": "INTERNAL"
},
"title": "Cisco Nexus Dashboard Fabric Controller Credential Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20448",
"datePublished": "2024-10-02T16:54:17.748Z",
"dateReserved": "2023-11-08T15:08:07.678Z",
"dateUpdated": "2024-10-02T17:26:28.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30406 (GCVE-0-2024-30406)
Vulnerability from cvelistv5
Published
2024-04-12 15:04
Modified
2024-08-02 01:32
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N
6.7 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
6.7 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-313 - Cleartext Storage in a File or on Disk
Summary
A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials.
This issue affects only Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on these devices from 23.1R1-EVO through 23.2R2-EVO.
This issue does not affect releases before 23.1R1-EVO.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS Evolved |
Version: 23.1R1-EVO ≤ 23.2R2-EVO |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-12T17:46:38.908028Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:41.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:32:07.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA79104"
},
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.juniper.net/documentation/us/en/software/junos/junos-install-upgrade-evo/topics/topic-map/paa-test-agent-install.html"
},
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/statement/services-paa-test-agent.html"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Paragon Active Assurance Test Agent",
"ACX Series"
],
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThanOrEqual": "23.2R2-EVO",
"status": "affected",
"version": "23.1R1-EVO",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctt\u003ePotentially affected devices are those which use the following configuration statement:\u003cbr\u003e\u003cbr\u003e\u0026nbsp; \u0026lt;codeph\u0026gt;test-agent\u0026lt;/codeph\u0026gt;\u003cbr\u003e\u003c/tt\u003e\u003cbr\u003eLocated at the hierarchy level:\u003cbr\u003e\u0026nbsp;\u0026nbsp;\u003cbr\u003e\u0026nbsp; \u0026lt;codeph\u0026gt;[edit services pas]\u0026lt;/codeph\u0026gt;\u003cbr\u003e\u003cbr\u003eTherefore verify that the following minimal configuration statement in the Junos device exists:\u003cbr\u003e\u0026nbsp; [services pas]\u003cbr\u003e\u003cbr\u003eAnd verify that the agent is running on the device.\u0026nbsp;\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Potentially affected devices are those which use the following configuration statement:\n\n\u00a0 \u003ccodeph\u003etest-agent\u003c/codeph\u003e\n\nLocated at the hierarchy level:\n\u00a0\u00a0\n\u00a0 \u003ccodeph\u003e[edit services pas]\u003c/codeph\u003e\n\nTherefore verify that the following minimal configuration statement in the Junos device exists:\n\u00a0 [services pas]\n\nAnd verify that the agent is running on the device."
}
],
"datePublic": "2024-04-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices\u0026nbsp;using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials.\u003cbr\u003e\u003cbr\u003eThis issue affects only Juniper Networks Junos OS Evolved ACX Series devices using\u0026nbsp;the Paragon Active Assurance Test Agent software installed on these devices from 2\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e3.1R1-EVO through 23.2R2-EVO.\u0026nbsp;\u003cbr\u003e\u003c/span\u003e\u003cbr\u003eThis issue does not affect releases before 23.1R1-EVO.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices\u00a0using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials.\n\nThis issue affects only Juniper Networks Junos OS Evolved ACX Series devices using\u00a0the Paragon Active Assurance Test Agent software installed on these devices from 23.1R1-EVO through 23.2R2-EVO.\u00a0\n\nThis issue does not affect releases before 23.1R1-EVO."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313: Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-16T20:42:37.549Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA79104"
},
{
"tags": [
"product"
],
"url": "https://www.juniper.net/documentation/us/en/software/junos/junos-install-upgrade-evo/topics/topic-map/paa-test-agent-install.html"
},
{
"tags": [
"product"
],
"url": "https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/statement/services-paa-test-agent.html"
},
{
"tags": [
"technical-description"
],
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: \u003c/p\u003e\u003cp\u003eJunos OS Evolved: 23.2R2-EVO, 23.3R1-EVO, and all subsequent releases.\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNote: Before you upgrade the system software from Junos OS Evolved Release 23.2R1 to a later release, you must uninstall the test agent using the \u003c/span\u003e\u003ccode\u003erequest services paa uninstall\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;command. See the product documentation for upgrade procedures and coordinate with JTAC for support.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS Evolved: 23.2R2-EVO, 23.3R1-EVO, and all subsequent releases.\n\nNote: Before you upgrade the system software from Junos OS Evolved Release 23.2R1 to a later release, you must uninstall the test agent using the request services paa uninstall\u00a0command. See the product documentation for upgrade procedures and coordinate with JTAC for support."
}
],
"source": {
"advisory": "JSA79104",
"defect": [
"1728816"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-10T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Junos OS Evolved: ACX Series with Paragon Active Assurance Test Agent: A local high privileged attacker can recover other administrators credentials",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e\u003cp\u003eDevices using the following deprecated operational mode command are unaffected:\u003c/p\u003e\u003cp\u003e \u0026lt;codeph\u0026gt;request services paa install\u0026lt;/codeph\u0026gt;\u003c/p\u003e\u003cp\u003eSee the Junos OS Evolved Software Installation and Upgrade Guide for the Paragon Active Assurance (PAA) Test Agent installation instructions for further information.\u003c/p\u003e"
}
],
"value": "There are no known workarounds for this issue.\n\nDevices using the following deprecated operational mode command are unaffected:\n\n \u003ccodeph\u003erequest services paa install\u003c/codeph\u003e\n\nSee the Junos OS Evolved Software Installation and Upgrade Guide for the Paragon Active Assurance (PAA) Test Agent installation instructions for further information."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2024-30406",
"datePublished": "2024-04-12T15:04:06.515Z",
"dateReserved": "2024-03-26T23:06:19.981Z",
"dateUpdated": "2024-08-02T01:32:07.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.