CVE-2023-5384

LOW Year: 2023
CVSS v3 Score
2.7
Low
Weakness Type
CWE-312
View all →

Vulnerability Description

A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials (JDBC store with connection pooling, remote store), the credentials are returned in clear text as part of the configuration.

Related Vulnerabilities

CVE-2021-40087

LOW
CVSS:2.7(Low)

An issue was discovered in PrimeKey EJBCA before 7.6.0. When audit logging changes to the alias configurations of various protocols that use an enrollment secret, any modifications to the secret were ...

CWE-3122021

CVE-2024-4235

LOW
CVSS:2.7(Low)

A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartex...

CWE-3122024

CVE-2020-4224

LOW
CVSS:2.9(Low)

IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175...

CWE-3122020

CVE-2024-46383

LOW
CVSS:2.4(Low)

Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext.

CWE-3122024

CVE-2020-9407

LOW
CVSS:3.1(Low)

IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie.

CWE-3122020

CVE-2023-24586

LOW
CVSS:3.1(Low)

Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote authenticated attacker to obtain an APN credential for the product.

CWE-3122023