CVE-2020-6980

LOW Year: 2020
CVSS v3 Score
3.3
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-312
View all →

Vulnerability Description

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim’s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext.

Related Vulnerabilities

CVE-2010-3282

LOW
CVSS:3.3(Low)

389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw)...

CWE-3122010

CVE-2019-10433

LOW
CVSS:3.3(Low)

Jenkins Dingding[钉钉] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file s...

CWE-3122019

CVE-2019-10450

LOW
CVSS:3.3(Low)

Jenkins ElasticBox CI Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

CWE-3122019

CVE-2021-37468

LOW
CVSS:3.3(Low)

NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files.

CWE-3122021

CVE-2022-22302

LOW
CVSS:3.3(Low)

A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 a...

CWE-3122022

CVE-2022-28162

LOW
CVSS:3.3(Low)

Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.

CWE-3122022