Cleartext Storage of Sensitive Information in GUI

Status: Draft
Abstraction: Variant
Structure: Simple
Description

This vulnerability occurs when an application stores sensitive data, such as passwords or personal information, in plain text within its graphical user interface (GUI) elements.

Extended Description

Attackers can bypass the visual protections of a GUI by using automated tools or APIs to directly query interface objects like windows, text fields, or menus. Even if the data appears masked or hidden on-screen, these methods can often extract the raw, cleartext information, completely undermining the intended security. Furthermore, developers sometimes attempt to obscure data with simple encodings like Base64 or ROT13 within the GUI layer. However, these are not encryption and are easily reversible. An attacker can quickly identify the encoding scheme and decode the information, rendering such obfuscation ineffective as a security control.
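As an added example (not part of this CWE entry), the following Python check is something a developer could run over a widget tree dumped from their own application's UI automation API during testing. It flags masked fields whose backing value is still cleartext, and values that become secret-like once the reversible encodings named above (Base64, ROT13) are undone. The dump format, widget ids and sample values are constructed for the example.

```python
import base64
import codecs
import re

# Constructed sample: a flattened widget tree as a UI automation API might
# expose it. "masked" means the widget renders asterisks on screen; "value"
# is what the API returns when the widget object is queried directly.
SAMPLE_WIDGETS = [
    {"id": "txtUser", "class": "TextField", "masked": False, "value": "alice"},
    {"id": "txtPass", "class": "TextField", "masked": True, "value": "Winter2024!"},
    # Base64 of "password=hunter2": encoded, but not encrypted.
    {"id": "lblToken", "class": "Label", "masked": False, "value": "cGFzc3dvcmQ9aHVudGVyMg=="},
    {"id": "mnuHelp", "class": "MenuItem", "masked": False, "value": "Help"},
    # ROT13 of "password=secret123".
    {"id": "txtRot", "class": "TextField", "masked": False, "value": "cnffjbeq=frperg123"},
]

# Key/value shapes that usually mean a credential ended up in widget text.
SECRET_PATTERN = re.compile(r"\b(?:password|passwd|pwd|secret|token|api[_-]?key)\s*[=:]", re.I)


def _decodings(value):
    """Yield (encoding, candidate) for the raw value and for each reversible
    encoding the description names; a candidate that fails to decode is skipped."""
    yield "none", value
    try:
        raw = base64.b64decode(value, validate=True).decode("utf-8")
        if raw and raw.isprintable():
            yield "base64", raw
    except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
        pass
    yield "rot13", codecs.decode(value, "rot_13")


def audit_widgets(widgets):
    """Return one finding per widget that exposes sensitive data through its
    object model, regardless of how it is drawn on screen."""
    findings = []
    for w in widgets:
        value = w.get("value") or ""
        # Masking is a rendering choice only: the backing value is still readable.
        if w.get("masked") and value:
            findings.append({"widget": w["id"], "encoding": "none",
                             "reason": "masked field still holds a cleartext backing value"})
        for encoding, candidate in _decodings(value):
            if SECRET_PATTERN.search(candidate):
                findings.append({"widget": w["id"], "encoding": encoding,
                                 "reason": "secret-like text recoverable from widget value"})
                break  # one encoding finding per widget is enough
    return findings
```

The expected remediation is to keep the secret out of the widget's object model entirely, rather than to pick a less obvious encoding.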

Common Consequences
Scope: Confidentiality

Impact: Read Memory; Read Application Data

Observed Examples
CVE-2002-1848: Unencrypted passwords stored in GUI dialog may allow local users to access the passwords.
Applicable Platforms
Languages:
Not Language-Specific (Prevalence: Undetermined)
Modes of Introduction
Architecture and Design
Taxonomy Mapping
  • PLOVER
  • Software Fault Patterns
Notes
Terminology: Different people use "cleartext" and "plaintext" to mean the same thing: the lack of encryption. However, within cryptography, these have more precise meanings. Plaintext is the information just before it is fed into a cryptographic algorithm, including already-encrypted text. Cleartext is any information that is unencrypted, although it might be in an encoded form that is not easily human-readable (such as base64 encoding).