Vulnerabilities > Credentials Management

DATE CVE VULNERABILITY TITLE RISK
2019-08-29 CVE-2019-11064 Credentials Management vulnerability in multiple products
A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230.
network
low complexity
androvideo geovision CWE-255
5.0
2019-08-20 CVE-2019-10960 Credentials Management vulnerability in Zebra products
Zebra Industrial Printers All Versions, Zebra printers are shipped with unrestricted end-user access to front panel options.
network
low complexity
zebra CWE-255
5.0
2019-08-06 CVE-2016-10791 Credentials Management vulnerability in Cpanel
cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559).
network
low complexity
cpanel CWE-255
5.0
2019-08-05 CVE-2017-18470 Credentials Management vulnerability in Cpanel
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196).
network
low complexity
cpanel CWE-255
4.0
2019-08-01 CVE-2016-10821 Credentials Management vulnerability in Cpanel
In cPanel before 55.9999.141, Scripts/addpop reveals a command-line password in a process list (SEC-75).
network
low complexity
cpanel CWE-255
4.0
2019-07-30 CVE-2019-5456 Credentials Management vulnerability in UI Unifi Controller and Unifi Network Controller
SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.
network
high complexity
ui CWE-255
8.1
2019-07-19 CVE-2019-1010241 Credentials Management vulnerability in Jenkins Credentials Binding 1.17
Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format.
network
low complexity
jenkins CWE-255
4.0
2019-07-11 CVE-2019-13560 Credentials Management vulnerability in Dlink Dir-655 Firmware 3.02B05
D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter.
network
low complexity
dlink CWE-255
5.0
2019-07-03 CVE-2017-8229 Credentials Management vulnerability in Amcrest Ipm-721S Firmware
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials.
network
low complexity
amcrest CWE-255
5.0
2019-07-03 CVE-2017-9326 Credentials Management vulnerability in Cloudera Manager 5.11.0
The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager.
network
cloudera CWE-255
3.5