Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2023-28088 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose SAN switch administrative credentials | 7.8 |
| 2023-04-25 | CVE-2023-28089 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules | 7.1 |
| 2023-04-25 | CVE-2023-28090 | Insufficiently Protected Credentials vulnerability in HP Oneview An HPE OneView appliance dump may expose SNMPv3 read credentials | 5.5 |
| 2023-04-24 | CVE-2023-30776 | Insufficiently Protected Credentials vulnerability in Apache Superset An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. This issue affects Apache Superset version 1.3.0 up to 2.0.1. | 6.5 |
| 2023-04-24 | CVE-2023-28131 | Insufficiently Protected Credentials vulnerability in Expo Software Development KIT 45.0.0/46.0.0/47.0.0 A vulnerability in the expo.io framework allows an attacker to take over accounts and steal credentials on an application/website that configured the "Expo AuthSession Redirect Proxy" for social sign-in. | 9.6 |
| 2023-04-21 | CVE-2021-33589 | Insufficiently Protected Credentials vulnerability in Ribose RNP Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm. | 7.5 |
| 2023-04-19 | CVE-2022-4308 | Insufficiently Protected Credentials vulnerability in Secomea Gatemanager 9.6.621421014 Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked. | 8.8 |
| 2023-04-19 | CVE-2023-25760 | Insufficiently Protected Credentials vulnerability in Uniguest Tripleplay 3.4.0 Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload | 8.8 |
| 2023-04-11 | CVE-2023-25407 | Insufficiently Protected Credentials vulnerability in Aten Pe8108 Firmware 2.4.232 Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. | 7.2 |
| 2023-04-11 | CVE-2023-25413 | Insufficiently Protected Credentials vulnerability in Aten Pe8108 Firmware 2.4.232 Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. | 7.5 |