Vulnerabilities > Insufficiently Protected Credentials

DATE CVE VULNERABILITY TITLE RISK
2021-02-23 CVE-2021-3252 Insufficiently Protected Credentials vulnerability in Kaco-Newenergy Xp100U Firmware Xpjava2.0
KACO New Energy XP100U Up to XP-JAVA 2.0 is affected by incorrect access control.
network
low complexity
kaco-newenergy CWE-522
5.0
2021-02-18 CVE-2021-20445 Insufficiently Protected Credentials vulnerability in IBM Maximo for Civil Infrastructure 7.6.2
IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due to insecure storeage of authentication credentials.
network
low complexity
ibm CWE-522
4.0
2021-02-12 CVE-2021-27187 Insufficiently Protected Credentials vulnerability in Xn--B1Agzlht FX Aggregator Terminal Client 1.0
The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 stores authentication credentials in cleartext in login.sav when the Save Password box is checked.
network
low complexity
xn-b1agzlht CWE-522
5.0
2021-02-08 CVE-2020-14391 Insufficiently Protected Credentials vulnerability in Gnome Control Center
A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface.
local
low complexity
gnome CWE-522
2.1
2021-02-08 CVE-2021-26905 Insufficiently Protected Credentials vulnerability in 1Password Scim Bridge
1Password SCIM Bridge before 1.6.2 mishandles validation of authenticated requests for log files, leading to disclosure of a TLS private key.
network
low complexity
1password CWE-522
4.0
2021-02-05 CVE-2020-10375 Insufficiently Protected Credentials vulnerability in Newmediacompany Smarty
An issue was discovered in New Media Smarty before 9.10.
local
low complexity
newmediacompany CWE-522
2.1
2021-02-05 CVE-2020-10538 Insufficiently Protected Credentials vulnerability in Epikur 20.1.0.1
An issue was discovered in Epikur before 20.1.1.
local
low complexity
epikur CWE-522
2.1
2021-02-04 CVE-2020-14246 Insufficiently Protected Credentials vulnerability in Hcltechsw Onetest Performance 10.0.0/10.1.0/9.5.0
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak.
network
low complexity
hcltechsw CWE-522
5.0
2021-02-01 CVE-2019-20470 Insufficiently Protected Credentials vulnerability in Tk-Star Q90 Junior GPS Horloge Firmware 3.1042.9.8656
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices.
network
low complexity
tk-star CWE-522
5.0
2021-02-01 CVE-2020-13859 Insufficiently Protected Credentials vulnerability in Mofinetwork Mofi4500-4Gxelte Firmware 4.0.8Std
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices.
network
low complexity
mofinetwork CWE-522
5.0