Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-24 | CVE-2020-28911 | Insecure Storage of Sensitive Information vulnerability in Nagios Fusion Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated users to extract passwords used to manage fused servers via the test_server command in ajaxhelper.php. | 6.5 |
| 2021-05-19 | CVE-2020-4765 | Insecure Storage of Sensitive Information vulnerability in IBM Cloud PAK for Multicloud Management IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2021-05-14 | CVE-2021-20391 | Insecure Storage of Sensitive Information vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0 IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2021-03-19 | CVE-2021-28653 | Insecure Storage of Sensitive Information vulnerability in Westerndigital Armorlock The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. | 6.5 |
| 2021-03-02 | CVE-2020-4726 | Insecure Storage of Sensitive Information vulnerability in IBM Cloud Application Performance Management 8.1.4 The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2021-02-10 | CVE-2021-27170 | Insecure Storage of Sensitive Information vulnerability in Fiberhome Hg6245D Firmware Rp2613 An issue was discovered on FiberHome HG6245D devices through RP2613. | 9.8 |
| 2021-02-03 | CVE-2021-25776 | Insecure Storage of Sensitive Information vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. | 7.5 |
| 2021-01-29 | CVE-2020-29603 | Insecure Storage of Sensitive Information vulnerability in Mantisbt In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can retrieve Private Projects' names via the manage_proj_edit_page.php project_id parameter, without having access to them. | 4.3 |
| 2021-01-19 | CVE-2020-4871 | Insecure Storage of Sensitive Information vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 allows web pages to be stored locally which can be read by another user on the system. | 5.5 |
| 2021-01-12 | CVE-2020-4674 | Insecure Storage of Sensitive Information vulnerability in IBM Workload Automation 9.5 IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks against the system. | 4.3 |