Vulnerabilities > Credentials Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-06 | CVE-2016-10791 | Credentials Management vulnerability in Cpanel cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559). | 5.3 |
| 2019-08-05 | CVE-2017-18470 | Credentials Management vulnerability in Cpanel cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196). | 8.8 |
| 2019-08-01 | CVE-2016-10821 | Credentials Management vulnerability in Cpanel In cPanel before 55.9999.141, Scripts/addpop reveals a command-line password in a process list (SEC-75). | 6.5 |
| 2019-07-30 | CVE-2019-5456 | Credentials Management vulnerability in UI Unifi Controller SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later. | 8.1 |
| 2019-07-11 | CVE-2019-13560 | Credentials Management vulnerability in Dlink Dir-655 Firmware 3.02B05 D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter. | 9.8 |
| 2019-07-03 | CVE-2017-8229 | Credentials Management vulnerability in Amcrest Ipm-721S Firmware 2.420.Ac00.16.R.20160909 Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. | 9.8 |
| 2019-07-03 | CVE-2017-9326 | Credentials Management vulnerability in Cloudera Manager 5.11.0 The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. | 7.5 |
| 2019-07-03 | CVE-2017-6900 | Credentials Management vulnerability in Riello-Ups Netman 204 Firmware 142/152 An issue was discovered in Riello NetMan 204 14-2 and 15-2. | 9.8 |
| 2019-07-02 | CVE-2017-8417 | Credentials Management vulnerability in Dlink Dcs-1100 Firmware and Dcs-1130 Firmware An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. | 8.8 |
| 2019-06-17 | CVE-2017-10718 | Credentials Management vulnerability in Ishekar Endoscope Camera Firmware Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that any malicious user connecting to the device can change the default SSID and password thereby denying the owner an access to his/her own device. | 6.5 |