Plaintext Password Storage in Sparx Pro Cloud Server 6.0.163
CVE-2025-15624 Published on April 17, 2026

Plaintext Storage of a Password in Sparx Pro Cloud Server.
Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext.

NVD

Weakness Type

Unprotected Storage of Credentials

Storing a password in plaintext may result in a system compromise. Password management issues occur when a password is stored in plaintext in an application's properties or configuration file. Storing a plaintext password in a configuration file allows anyone who can read the file access to the password-protected resource.

Affected Versions

Sparx Systems Pty Ltd. Sparx Pro Cloud Server Version 6.0.163 is affected by CVE-2025-15624

Exploit Probability

EPSS

0.02%

Percentile

6.64%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Plaintext Password Storage in Sparx Pro Cloud Server 6.0.163CVE-2025-15624 Published on April 17, 2026

Weakness Type

Unprotected Storage of Credentials

Affected Versions

Exploit Probability

Plaintext Password Storage in Sparx Pro Cloud Server 6.0.163
CVE-2025-15624 Published on April 17, 2026