CVE-2025-15624

Vulnerability Description

Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext.

Related Weaknesses (CWE)

CWE-256

References

https://sparxsystems.com/products/procloudserver/6.1/history.html

FAQ

What is CVE-2025-15624?

CVE-2025-15624 is a documented vulnerability. Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pr...

How severe is CVE-2025-15624?

CVSS scoring is not yet available for CVE-2025-15624. Check NVD for updates.

Is there a patch for CVE-2025-15624?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.