CWE · MITRE source
CWE-313: Cleartext Storage in a File or on Disk
The product stores sensitive information in cleartext in a file, or on disk.
The sensitive information could be read by attackers with access to the file, or with physical or administrator access to the raw disk. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.
Last updated: 04 July 2026 13:15 UTC
Cumulative inbound coverage
How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.
Collective: full · 8 mapping(s) from 6 framework(s): ATT&CK 3 (mostly) · STIG oracle linux 8 1 (full) · STIG oracle linux 9 1 (mostly) · STIG rhel 8 1 (mostly) · STIG rhel 9 1 (mostly) · OWASP-Web 1 (partial)
OWASP Top 10 for Web (2025)
This weakness contributes to A06:2025 Insecure Design.
NIST 800-53 r5 controls that address this weakness (1) AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| SC-28 | Protection of Information at Rest | SC | Mandating protection of files and disk-stored data at rest prevents the specific weakness of cleartext storage on disk or in files. |
MITRE ATT&CK techniques this weakness enables
Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.
Direction: ← other covers this; → this covers other (F/M/P = full / mostly / partial).
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2025-5098 UPD | 7.0 | 9.1 | 0.0027 | 2025-05-23 |
| CVE-2016-6538 | 5.5 | 8.8 | 0.0106 | 2018-07-06 |
| CVE-2016-6546 | 5.5 | 7.8 | 0.0041 | 2018-07-13 |
| CVE-2016-6547 | 5.5 | 7.8 | 0.0041 | 2018-07-13 |
| CVE-2026-24349 UPD | 5.5 | 7.1 | 0.0006 | 2026-06-09 |
| CVE-2026-52783 | 5.5 | 8.2 | 0.0013 | 2026-06-26 |
| CVE-2018-10622 UPD | 3.5 | 5.2 | 0.0036 | 2018-08-10 |
| CVE-2019-19291 | 3.5 | 5.3 | 0.0075 | 2020-03-10 |
| CVE-2023-35699 | 3.5 | 5.3 | 0.0018 | 2023-07-10 |
| CVE-2023-4066 | 3.5 | 5.5 | 0.0015 | 2023-09-27 |
| CVE-2024-30406 | 3.5 | 5.5 | 0.0014 | 2024-04-12 |
| CVE-2024-38280 | 3.5 | 4.6 | 0.0015 | 2024-06-13 |
| CVE-2024-5916 | 3.5 | 4.4 | 0.0025 | 2024-08-14 |
| CVE-2024-6785 | 3.5 | 5.5 | 0.0011 | 2024-09-21 |
| CVE-2024-20448 | 3.5 | 6.3 | 0.0012 | 2024-10-02 |
| CVE-2024-49762 | 3.5 | 4.6 | 0.0014 | 2024-10-24 |
| CVE-2025-36154 | 3.5 | 6.2 | 0.0008 | 2025-12-24 |
| CVE-2025-64305 | 3.5 | 6.5 | 0.0014 | 2026-01-07 |
| CVE-2026-5531 | 3.5 | 5.3 | 0.0020 | 2026-04-05 |
| CVE-2026-6598 | 3.5 | 4.3 | 0.0015 | 2026-04-20 |
| CVE-2026-6796 | 3.5 | 4.3 | 0.0015 | 2026-04-21 |
| CVE-2025-4397 UPD | 3.5 | 6.8 | 0.0013 | 2026-05-07 |
| CVE-2023-0114 | 1.5 | 3.3 | 0.0014 | 2023-01-07 |
| CVE-2023-2863 | 1.5 | 2.3 | 0.0023 | 2023-05-24 |
| CVE-2024-9040 | 1.5 | 2.3 | 0.0015 | 2024-09-20 |