Vulnerabilities > Credentials Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-22 | CVE-2019-11243 | Credentials Management vulnerability in Kubernetes In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/password, and client certificate/key data). | 4.3 |
| 2019-04-10 | CVE-2019-0032 | Credentials Management vulnerability in Juniper Service Insight and Service NOW A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. | 2.1 |
| 2019-04-02 | CVE-2017-6047 | Credentials Management vulnerability in 3M Detcon Sitewatch Gateway Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication. | 5.0 |
| 2019-03-26 | CVE-2014-5433 | Credentials Management vulnerability in Baxter Sigma Spectrum Infusion System Firmware 6.05 An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16, which may allow an attacker to gain access the host network. | 7.5 |
| 2019-03-25 | CVE-2019-7612 | Credentials Management vulnerability in multiple products A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. | 5.0 |
| 2019-02-12 | CVE-2019-6549 | Credentials Management vulnerability in Kunbus Pr100088 Modbus Gateway Firmware 1.1.13166 An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) through FTP. | 4.0 |
| 2019-01-25 | CVE-2018-19009 | Credentials Management vulnerability in Pilz Pnozmulti Configurator Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local access to the system containing the PNOZmulti Configurator software to view sensitive credential data in clear-text. | 2.1 |
| 2019-01-24 | CVE-2019-1657 | Credentials Management vulnerability in Cisco AMP Threat Grid Appliance and AMP Threat Grid Cloud A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. | 4.0 |
| 2019-01-23 | CVE-2017-17836 | Credentials Management vulnerability in Apache Airflow In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to databases used by Airflow. | 9.8 |
| 2019-01-22 | CVE-2018-6443 | Credentials Management vulnerability in multiple products A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. | 4.3 |