CVE-2023-32448

MEDIUM Year: 2023
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-312
View all →

Vulnerability Description

PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. A local user with access to the installation directory can retrieve the license key of the product and use it to install and license PowerPath on different systems.

Related Vulnerabilities

CVE-2002-1696

MEDIUM
CVSS:5.5(Medium)

Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Alwa...

CWE-3122002

CVE-2005-2209

MEDIUM
CVSS:5.5(Medium)

Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext in capturixss_cfg.ini, which is readable by local users.

CWE-3122005

CVE-2008-1567

MEDIUM
CVSS:5.5(Medium)

phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive info...

CWE-3122008

CVE-2009-1466

MEDIUM
CVSS:5.5(Medium)

Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file.

CWE-3122009

CVE-2011-2916

MEDIUM
CVSS:5.5(Medium)

qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key us...

CWE-3122011

CVE-2015-1931

MEDIUM
CVSS:5.5(Medium)

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores pla...

CWE-3122015