CWE-314

Cleartext Storage in the Registry

Variant

Draft

Description

The product stores sensitive information in cleartext in the registry.

Attackers can read the information by accessing the registry key. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.

Parent Weaknesses (ChildOf)

CWE-312: Cleartext Storage of Sensitive...

Common Consequences

Scope

Confidentiality

Impact

Read Application Data

CVE-2005-2227

Cleartext passwords in registry key.

Applicable Platforms

Not Language-Specific

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CWE-314

Cleartext Storage in the Registry

Description

Relationships

Common Consequences

Related CVEs

Applicable Platforms