Vulnerabilities > Credentials Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-11 | CVE-2016-6904 | Credentials Management vulnerability in Netapp Vasa Provider 6.0/6.X/7.0 Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. | 8.1 |
| 2017-11-07 | CVE-2016-0872 | Credentials Management vulnerability in Kabona Webdatorcentral A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral (WDC) versions prior to Version 3.4.0. | 9.8 |
| 2017-10-24 | CVE-2013-3734 | Credentials Management vulnerability in Redhat Jboss Application Server 1.2 The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which might allow (1) man-in-the-middle attackers to obtain sensitive information by leveraging failure to use SSL or (2) attackers to obtain sensitive information by reading the HTML source code. | 6.6 |
| 2017-10-17 | CVE-2014-8357 | Credentials Management vulnerability in Dasanzhone Znid 2426A Firmware backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places a session key in a URL, which allows remote attackers to obtain arbitrary user passwords via the sessionKey parameter in a getConfig action to backupsettings.conf. | 8.8 |
| 2017-10-13 | CVE-2016-6815 | Credentials Management vulnerability in Apache Ranger In Apache Ranger before 0.6.2, users with "keyadmin" role should not be allowed to change password for users with "admin" role. | 6.5 |
| 2017-09-30 | CVE-2016-10512 | Credentials Management vulnerability in Multitech Faxfinder MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. | 9.8 |
| 2017-09-19 | CVE-2015-4684 | Credentials Management vulnerability in Polycom Realpresence Resource Manager Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. | 6.5 |
| 2017-09-19 | CVE-2015-4681 | Credentials Management vulnerability in Polycom Realpresence Resource Manager Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords. | 7.8 |
| 2017-08-29 | CVE-2016-2972 | Credentials Management vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. | 7.8 |
| 2017-08-28 | CVE-2016-7030 | Credentials Management vulnerability in Freeipa 4.6.0 FreeIPA uses a default password policy that locks an account after 5 unsuccessful authentication attempts, which allows remote attackers to cause a denial of service by locking out the account in which system services run on. | 7.5 |