Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-03 | CVE-2023-0457 | Insufficiently Protected Credentials vulnerability in Mitsubishielectric products Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U(C) CPU modules all models all versions, FX5UJ CPU modules all models all versions, FX5S CPU modules all models all versions, FX5-ENET all versions and FX5-ENET/IP all versions allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server. | 7.5 |
| 2023-03-01 | CVE-2022-37935 | Insufficiently Protected Credentials vulnerability in HP Oneview for VMWare Vcenter HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password. | 5.5 |
| 2023-02-22 | CVE-2022-45599 | Insufficiently Protected Credentials vulnerability in Aztech Wmb250Ac Firmware 0162020 Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password. | 9.8 |
| 2023-02-16 | CVE-2022-47703 | Insufficiently Protected Credentials vulnerability in Tianjie Cpe906-3 and Cpe906-3 Firmware TIANJIE CPE906-3 is vulnerable to password disclosure. | 7.5 |
| 2023-02-16 | CVE-2022-41614 | Insufficiently Protected Credentials vulnerability in Intel on Event Series Insufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2023-02-16 | CVE-2022-40678 | Insufficiently Protected Credentials vulnerability in Fortinet Fortinac An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow a local attacker with database access to recover user passwords. | 7.8 |
| 2023-02-16 | CVE-2022-43969 | Insufficiently Protected Credentials vulnerability in Ricoh products Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials. | 9.1 |
| 2023-02-15 | CVE-2023-23463 | Insufficiently Protected Credentials vulnerability in Sunellsecurity products Sunell DVR, latest version, Insufficiently Protected Credentials (CWE-522) may be exposed through an unspecified request. | 7.5 |
| 2023-02-15 | CVE-2023-23466 | Insufficiently Protected Credentials vulnerability in Mediacp Media Control Panel 2.13.1 Media CP Media Control Panel latest version. | 7.5 |
| 2023-02-15 | CVE-2023-24498 | Insufficiently Protected Credentials vulnerability in Netgear Prosafe Fs726Tp Firmware An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text. | 7.5 |