Description
The product stores sensitive information in cleartext within the GUI.
Extended Description
An attacker can often obtain data from a GUI, even if hidden, by using an API to directly access GUI objects such as windows and menus. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.
CVE vulnerabilities with CWE-317 (8)
9.3
CVSS
CRITICAL
CVE-2025-14816
pub. 2026-04-08
8.6
CVSS
HIGH
CVE-2026-27516
pub. 2026-02-24
8.5
CVSS
HIGH
CVE-2022-29090
pub. 2022-08-10
7.3
CVSS
HIGH
CVE-2022-0354
pub. 2022-04-22
7.1
CVSS
HIGH
CVE-2026-24431
pub. 2026-01-26
4.9
CVSS
MEDIUM
CVE-2019-13947
pub. 2019-12-12
4.3
CVSS
MEDIUM
CVE-2021-34750
pub. 2024-11-15
4.3
CVSS
MEDIUM
CVE-2021-34751
pub. 2024-11-15