CVE-2026-5380
Clear-Text Credential Exposure in runZero Platform
Publication date: 2026-04-07
Last updated on: 2026-04-21
Assigner: 44488dab-36db-4358-99f9-bc116477f914
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| runzero | runzero_platform | all versions before 4.0.260204.2 (4.0.260204.2 excluded) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-5380 is a vulnerability in the runZero Platform that allows an authorized user to view clear-text secrets for certain credential types and fields. In other words, the stored credential material is not sufficiently protected and can be exposed in unencrypted form.
This vulnerability is classified as CWE-522: Insufficiently Protected Credentials. It has a CVSS 3.1 base score of 5.3 (Medium severity), reflecting a network attack vector, high attack complexity, no privileges required, user interaction required, and a high impact on confidentiality with no impact on integrity or availability.
How can this vulnerability impact me?
An attacker in a man-in-the-middle (MITM) position between the runZero console and a remote API endpoint could capture the exposed clear-text secrets, which could give them initial access to the targeted runZero Platform instance.
Because the exposed secrets are sensitive credentials, their disclosure could compromise the security of the platform and enable unauthorized access or further attacks.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should upgrade the runZero Platform to version 4.0.260204.2 or later, where the issue has been fixed.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability exposes clear-text secrets for certain credential types and fields, which amounts to insufficient protection of credentials (CWE-522) and could lead to unauthorized access to sensitive information.
Standards and regulations such as GDPR and HIPAA require adequate protection of personal and sensitive data against unauthorized disclosure, so exposure of credentials of this kind can affect compliance with them.
If exploited, this vulnerability could therefore lead to non-compliance with these regulations because of the risk of unauthorized access and data exposure.