CVE-2024-50570

MEDIUM Year: 2024
CVSS v3 Score
5.0
Medium
Weakness Type
CWE-312
View all →

Vulnerability Description

A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve VPN password via memory dump, due to JavaScript's garbage collector

Related Vulnerabilities

CVE-2021-1865

MEDIUM
CVSS:5.0(Medium)

An issue obscuring passwords in screenshots was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5. A user's password may be visible on screen.

CWE-3122021

CVE-2021-23878

MEDIUM
CVSS:5.0(Medium)

Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and cred...

CWE-3122021

CVE-2023-39903

MEDIUM
CVSS:5.0(Medium)

An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The ismsnap component (in this specific case at /var/log/fujitsu/ServerViewSuite/ism/FirmwareManagement/Firmw...

CWE-3122023

CVE-2019-18615

MEDIUM
CVSS:4.9(Medium)

In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user passwor...

CWE-3122019

CVE-2020-11415

MEDIUM
CVSS:4.9(Medium)

An issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.17 and 3.x before 3.22.1. Admin users can retrieve the LDAP server system username/password (as configured in nxrm) in clea...

CWE-3122020

CVE-2020-4369

MEDIUM
CVSS:5.1(Medium)

IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores highly sensitive information in cleartext that could be obtained by a user. IBM X-Force ID: 179004.

CWE-3122020