Vulnerabilities > Insufficiently Protected Credentials

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-34213 Insufficiently Protected Credentials vulnerability in Jenkins Squash TM Publisher 1.0.0
Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
network
low complexity
jenkins CWE-522
4.0
2022-06-17 CVE-2022-21184 Insufficiently Protected Credentials vulnerability in Atvise 3.5.4/3.6/3.7
An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7.
network
atvise CWE-522
4.3
2022-06-16 CVE-2020-28865 Insufficiently Protected Credentials vulnerability in Powerjob
An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.
network
low complexity
powerjob CWE-522
5.0
2022-06-15 CVE-2022-31044 Insufficiently Protected Credentials vulnerability in Pagerduty Rundeck 4.2.0/4.2.1
Rundeck is an open source automation service with a web console, command line tools and a WebAPI.
network
low complexity
pagerduty CWE-522
5.0
2022-06-15 CVE-2022-1342 Insufficiently Protected Credentials vulnerability in Devolutions Remote Desktop Manager
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data.
local
low complexity
devolutions CWE-522
2.1
2022-06-14 CVE-2022-30231 Insufficiently Protected Credentials vulnerability in Siemens Sicam Gridedge Essential
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6).
network
low complexity
siemens CWE-522
4.0
2022-06-06 CVE-2022-22396 Insufficiently Protected Credentials vulnerability in IBM Spectrum Protect Plus
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases.
network
low complexity
ibm CWE-522
5.0
2022-06-02 CVE-2022-29085 Insufficiently Protected Credentials vulnerability in Dell products
Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system.
local
low complexity
dell CWE-522
4.6
2022-06-02 CVE-2022-22767 Insufficiently Protected Credentials vulnerability in BD products
Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these credentials.
low complexity
bd CWE-522
8.3
2022-06-02 CVE-2022-27774 Insufficiently Protected Credentials vulnerability in Haxx Curl
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
network
haxx CWE-522
3.5