Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-13 | CVE-2023-34128 | Insufficiently Protected Credentials vulnerability in Sonicwall Analytics and Global Management System Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. | 9.8 |
| 2023-07-12 | CVE-2023-36266 | Insufficiently Protected Credentials vulnerability in Keepersecurity Keeper and Keeperfill An issue was discovered in Keeper Password Manager for Desktop version 16.10.2, and the KeeperFill Browser Extensions version 16.5.4, allows local attackers to gain sensitive information via plaintext password storage in memory after the user is already logged in, and may persist after logout. | 5.5 |
| 2023-07-12 | CVE-2023-37951 | Insufficiently Protected Credentials vulnerability in Jenkins Mabl Jenkins mabl Plugin 0.0.46 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to. | 6.5 |
| 2023-06-29 | CVE-2023-36476 | Insufficiently Protected Credentials vulnerability in Nixos Calamares-Nixos-Extensions calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. | 5.5 |
| 2023-06-27 | CVE-2020-18406 | Insufficiently Protected Credentials vulnerability in Cmseasy 7.0 An issue was discovered in cmseasy v7.0.0 that allows user credentials to be sent in clear text due to no encryption of form data. | 7.5 |
| 2023-06-27 | CVE-2023-28857 | Insufficiently Protected Credentials vulnerability in Apereo Central Authentication Service Apereo CAS is an open source multilingual single sign-on solution for the web. | 7.5 |
| 2023-06-16 | CVE-2023-35789 | Insufficiently Protected Credentials vulnerability in Rabbitmq-C Project Rabbitmq-C An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. | 5.5 |
| 2023-06-13 | CVE-2022-47376 | Insufficiently Protected Credentials vulnerability in BD Alaris Infusion Central 1.1/1.3.2 The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. | 7.3 |
| 2023-06-13 | CVE-2023-33620 | Insufficiently Protected Credentials vulnerability in Gl-Inet Gl-Ar750S Firmware 3.215 GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack. | 5.9 |
| 2023-06-13 | CVE-2023-26204 | Insufficiently Protected Credentials vulnerability in Fortinet Fortisiem A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI. | 9.8 |