CVE-2025-15624

Published: Apr 17, 2026 Last Modified: Apr 17, 2026

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,3

Source: db4dfee8-a97e-4877-bfae-eba6d14a2166

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server.
In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext.

256

Plaintext Storage of a Password

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control

Potential Impacts:

Gain Privileges Or Assume Identity

Applicable Platforms

Technologies: ICS/OT

Likelihood of Exploit: High

View CWE Details

https://sparxsystems.com/products/procloudserver/6.1/histor…

https://sparxsystems.com/products/procloudserver/6.1/history.html

CVE-2025-15624

Description

Plaintext Storage of a Password

Common Consequences

Applicable Platforms

Iscriviti alla newsletter