A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.
https://www.apc.com/salestools/CCON-BFQMXC/CCON-BFQMXC_R0_EN.pdf