CVE-2023-47745

MEDIUM Year: 2023
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-319
View all →

Vulnerability Description

IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 stores or transmits user credentials in plain clear text which can be read by a local user using a trace command. IBM X-Force ID: 272638.

Related Vulnerabilities

CVE-2007-5626

MEDIUM
CVSS:5.5(Medium)

make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows contex...

CWE-3192007

CVE-2010-4177

MEDIUM
CVSS:5.5(Medium)

mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes.

CWE-3192010

CVE-2012-1257

MEDIUM
CVSS:5.5(Medium)

Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.

CWE-3192012

CVE-2017-6410

MEDIUM
CVSS:5.5(Medium)

kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, ...

CWE-3192017

CVE-2017-7143

MEDIUM
CVSS:5.5(Medium)

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Captive Network Assistant" component. It allows remote attackers to discover cleartext passwo...

CWE-3192017

CVE-2019-0069

MEDIUM
CVSS:5.5(Medium)

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, ...

CWE-3192019