Vulnerabilities > Insufficiently Protected Credentials

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-19	CVE-2022-33954	IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected credentials. low complexity CWE-522	4.6
2024-12-12	CVE-2024-54471	Insufficiently Protected Credentials vulnerability in Apple Macos This issue was addressed with additional entitlement checks. local low complexity apple CWE-522	5.5
2024-12-10	CVE-2024-53832	A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V05.30). low complexity CWE-522	4.6
2024-11-18	CVE-2021-1232	A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficient access control for sensitive information that is written to an affected system. network low complexity CWE-522	6.5
2024-11-04	CVE-2024-34882	Insufficiently Protected Credentials vulnerability in Bitrix24 23.300.100 Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send SMTP account passwords to an arbitrary server via HTTP POST request. network low complexity bitrix24 CWE-522	4.9
2024-11-04	CVE-2024-34883	Insufficiently Protected Credentials vulnerability in Bitrix24 23.300.100 Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allow remote administrators to read proxy-server accounts passwords via HTTP GET request. network low complexity bitrix24 CWE-522	4.9
2024-11-04	CVE-2024-34887	Insufficiently Protected Credentials vulnerability in Bitrix24 23.300.100 Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send AD/LDAP administrators account passwords to an arbitrary server via HTTP POST request. network low complexity bitrix24 CWE-522	4.9
2024-10-23	CVE-2023-50310	Insufficiently Protected Credentials vulnerability in IBM Cics Transaction Gateway 9.2/9.3 IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. network low complexity ibm CWE-522	7.5
2024-10-22	CVE-2024-9677	Insufficiently Protected Credentials vulnerability in Zyxel UOS 1.20/1.21 The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. local low complexity zyxel CWE-522	7.8
2024-10-20	CVE-2024-44000	Insufficiently Protected Credentials vulnerability in Litespeedtech Litespeed Cache Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1. network low complexity litespeedtech CWE-522 critical	9.8