Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-21 | CVE-2021-33589 | Insufficiently Protected Credentials vulnerability in Ribose RNP Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm. | 7.5 |
| 2023-04-19 | CVE-2022-4308 | Insufficiently Protected Credentials vulnerability in Secomea Gatemanager 9.6.621421014 Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked. | 8.8 |
| 2023-04-19 | CVE-2023-25760 | Insufficiently Protected Credentials vulnerability in Uniguest Tripleplay 3.4.0 Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload | 8.8 |
| 2023-04-11 | CVE-2023-25407 | Insufficiently Protected Credentials vulnerability in Aten Pe8108 Firmware 2.4.232 Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. | 7.2 |
| 2023-04-11 | CVE-2023-25413 | Insufficiently Protected Credentials vulnerability in Aten Pe8108 Firmware 2.4.232 Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. | 7.5 |
| 2023-04-02 | CVE-2023-1574 | Insufficiently Protected Credentials vulnerability in Devolutions Remote Desktop Manager Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text. | 6.5 |
| 2023-03-29 | CVE-2022-48433 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server. | 7.5 |
| 2023-03-28 | CVE-2023-1518 | Insufficiently Protected Credentials vulnerability in Cpplusworld Kvms PRO 2.01.0.T.190521 CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to sensitive credentials being leaked because they are insufficiently protected. | 7.5 |
| 2023-03-27 | CVE-2023-1137 | Insufficiently Protected Credentials vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which a low-level user could extract files and plaintext credentials of administrator users, resulting in privilege escalation. | 8.8 |
| 2023-03-21 | CVE-2023-25686 | Insufficiently Protected Credentials vulnerability in IBM Security KEY Lifecycle Manager IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 stores user credentials in plain clear text which can be read by a local user. | 5.5 |