CVE-2022-3261

HIGH Year: 2022
CVSS v3 Score
7.5
High
Weakness Type
CWE-256
View all →

Vulnerability Description

A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem.

Related Vulnerabilities

CVE-2017-6049

HIGH
CVSS:7.5(High)

Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL.

CWE-2562017

CVE-2019-10921

HIGH
CVSS:7.5(High)

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Unencrypted storage of passwords in the project could allow an attacker with access to port 10005/tcp t...

CWE-2562019

CVE-2019-6518

HIGH
CVSS:7.5(High)

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device.

CWE-2562019

CVE-2020-10609

HIGH
CVSS:7.5(High)

Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device.

CWE-2562020

CVE-2020-5374

HIGH
CVSS:7.5(High)

Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain a hard-coded cryptographic key vulnerability. A remote unauthenticated attacker...

CWE-2562020

CVE-2020-8183

HIGH
CVSS:7.5(High)

A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call.

CWE-2562020