Vulnerabilities > Credentials Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-23 | CVE-2016-9081 | Credentials Management vulnerability in Joomla Joomla! Joomla! 3.4.4 through 3.6.3 allows attackers to reset username, password, and user group assignments and possibly perform other user account modifications via unspecified vectors. | 9.8 |
| 2016-12-29 | CVE-2016-7456 | Credentials Management vulnerability in VMWare Vsphere Data Protection VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session. | 9.8 |
| 2016-12-16 | CVE-2013-1430 | Credentials Management vulnerability in multiple products An issue was discovered in xrdp before 0.9.1. | 9.8 |
| 2016-12-15 | CVE-2016-4028 | Credentials Management vulnerability in Open-Xchange OX Guard 2.4.0 An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. | 7.5 |
| 2016-12-14 | CVE-2016-9204 | Credentials Management vulnerability in Cisco Nexus 1000V Intercloud Firmware 2.2(1) A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote attacker to connect to internal services with an internal account. | 6.5 |
| 2016-12-02 | CVE-2016-9479 | Credentials Management vulnerability in B2Evolution The "lost password" functionality in b2evolution before 6.7.9 allows remote attackers to reset arbitrary user passwords via a crafted request. | 7.5 |
| 2016-11-30 | CVE-2016-2871 | Credentials Management vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file. | 7.8 |
| 2016-11-30 | CVE-2016-5890 | Credentials Management vulnerability in IBM Sterling B2B Integrator 5.2 IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors. | 5.3 |
| 2016-11-30 | CVE-2016-2936 | Credentials Management vulnerability in IBM Bigfix Remote Control 9.1.2 IBM BigFix Remote Control before 9.1.3 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information via unknown vectors. | 7.3 |
| 2016-09-24 | CVE-2016-6531 | Credentials Management vulnerability in Opendental Open Dental 16.1 and earlier has a hardcoded MySQL root password, which allows remote attackers to obtain administrative access by leveraging access to intranet TCP port 3306. | 9.8 |