Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-27 | CVE-2023-28857 | Insufficiently Protected Credentials vulnerability in Apereo Central Authentication Service Apereo CAS is an open source multilingual single sign-on solution for the web. | 7.5 |
| 2023-06-16 | CVE-2023-35789 | Insufficiently Protected Credentials vulnerability in Rabbitmq-C Project Rabbitmq-C An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. | 5.5 |
| 2023-06-13 | CVE-2022-47376 | Insufficiently Protected Credentials vulnerability in BD Alaris Infusion Central 1.1/1.3.2 The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. | 7.3 |
| 2023-06-13 | CVE-2023-33620 | Insufficiently Protected Credentials vulnerability in Gl-Inet Gl-Ar750S Firmware 3.215 GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack. | 5.9 |
| 2023-06-13 | CVE-2023-26204 | Insufficiently Protected Credentials vulnerability in Fortinet Fortisiem A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI. | 9.8 |
| 2023-06-07 | CVE-2023-29168 | Insufficiently Protected Credentials vulnerability in PTC Vuforia Studio The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication. | 7.5 |
| 2023-06-06 | CVE-2023-27126 | Insufficiently Protected Credentials vulnerability in Tp-Link Tapo C200 Firmware 1.2.2 The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. | 4.6 |
| 2023-05-30 | CVE-2023-31187 | Insufficiently Protected Credentials vulnerability in Avaya IX Workforce Engagement 15.2.7.1195 Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials | 6.5 |
| 2023-05-29 | CVE-2023-32687 | Insufficiently Protected Credentials vulnerability in Tgstation13 Tgstation-Server tgstation-server is a toolset to manage production BYOND servers. | 6.5 |
| 2023-05-25 | CVE-2023-33263 | Insufficiently Protected Credentials vulnerability in Wftpd Project Wftpd 3.25 In WFTPD 3.25, usernames and password hashes are stored in an openly viewable wftpd.ini configuration file within the WFTPD directory. | 7.5 |