CVE-2022-25164

HIGH Year: 2022
CVSS v3 Score
7.5
High
Weakness Type
CWE-312
View all →

Vulnerability Description

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers can gain unauthorized access to the MELSEC CPU module and the MELSEC OPC UA server module.

Related Vulnerabilities

CVE-2001-1536

HIGH
CVSS:7.5(High)

Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-...

CWE-3122001

CVE-2001-1537

HIGH
CVSS:7.5(High)

The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication informa...

CWE-3122001

CVE-2002-1800

HIGH
CVSS:7.5(High)

phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie, which allows remote attackers to retrieve the administrative password.

CWE-3122002

CVE-2004-2397

HIGH
CVSS:7.5(High)

The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allo...

CWE-3122004

CVE-2005-1828

HIGH
CVSS:7.5(High)

D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information.

CWE-3122005

CVE-2005-2160

HIGH
CVSS:7.5(High)

IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to obtain sensitive information.

CWE-3122005