Sparx Systems Pro Cloud Server Plaintext Password Storage Vulnerability

Vulnerability

A vulnerability exists in Sparx Systems Pro Cloud Server when OpenID is used for authentication with Sparx Enterprise Architect. In this scenario, the server generates local passwords for users and stores them in plaintext.

Impact

Storing passwords in plaintext can lead to unauthorized access if the password data is compromised.

Added: Apr 17, 2026, 9:40 AM

Updated: Apr 17, 2026, 9:40 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

6.1

threat

0.0

urgency

10.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

6.1

threat

0.0

urgency

10.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sparx Systems Pro Cloud Server Plaintext Password Storage Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating