Statements (25)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:category |
gptkb:security
|
| gptkbp:consequences |
Unauthorized access to sensitive information.
|
| gptkbp:description |
The software stores sensitive information in cleartext, making it accessible to unauthorized users.
|
| gptkbp:difficulty_levels |
gptkb:High
|
| gptkbp:example |
Storing passwords in plaintext in a database.
|
| gptkbp:has_weakness |
gptkb:CWE-319
gptkb:CWE-327 CWE-522 |
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-312
|
| gptkbp:impact |
Data Breach
|
| gptkbp:is_referenced_in |
gptkb:SANS_Top_25
gptkb:NIST_SP_800-53 gptkb:ISO/_IEC_27001 gptkb:OWASP_Top_Ten CIS Controls |
| gptkbp:name |
Cleartext Storage of Sensitive Information
|
| gptkbp:prevention |
Use encryption for sensitive data storage.
|
| gptkbp:provides_support_for |
Web applications
Mobile applications Desktop applications |
| gptkbp:related_to |
gptkb:CWE-200
CWE-256 |
| gptkbp:bfsParent |
gptkb:CWE-200
|
| gptkbp:bfsLayer |
8
|