CVE-2019-3753

HIGH Year: 2019
CVSS v3 Score
7.2
High
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-312
View all →

Vulnerability Description

Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior to 5.1.15.2 contain a plain-text password storage vulnerability. TACACS\Radius credentials are stored in plain text in the system settings menu. An authenticated malicious user with access to the system settings menu may obtain the exposed password to use it in further attacks.

Related Vulnerabilities

CVE-2009-5068

HIGH
CVSS:7.2(High)

There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several "co-admins" that are not trusted...

CWE-3122009

CVE-2018-10871

HIGH
CVSS:7.2(High)

389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores ...

CWE-3122018

CVE-2018-19981

HIGH
CVSS:7.2(High)

Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS Temporary Credentials retrieved by AWS Cognito Identity Service. An attacker can use these credentials to ...

CWE-3122018

CVE-2019-6549

HIGH
CVSS:7.2(High)

An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) through FTP.

CWE-3122019

CVE-2020-29001

HIGH
CVSS:7.2(High)

An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury MI-CW024 Doorbell 2.9.6, and Merkury MI-CW017 Camera 2.9.6 devices. A vulnerability exists in the RESTf...

CWE-3122020

CVE-2023-50957

HIGH
CVSS:7.2(High)

IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783.

CWE-3122023