CVE-2024-5558209.12.2024, 03:15Oxide before 6 has unencrypted Control Plane datastores.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.7 MEDIUMPHYSICALHIGHNONECVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NmitreCNA5.7 MEDIUMPHYSICALHIGHNONECVSS:3.1/AC:H/AV:P/A:N/C:H/I:H/PR:N/S:U/UI:NCISA-ADPADP------Awaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: 1%Common Weakness EnumerationCWE-312 - Cleartext Storage of Sensitive InformationThe product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Referenceshttps://docs.oxide.computer/security/advisories/20240118-1