Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-03 | CVE-2023-0457 | Insufficiently Protected Credentials vulnerability in Mitsubishielectric products Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ-R Series, MELSEC-Q Series and MELSEC-L Series allows a remote unauthenticated attacker to disclose plaintext credentials stored in project files and login into FTP server or Web server. | 7.5 |
| 2023-02-22 | CVE-2022-45599 | Insufficiently Protected Credentials vulnerability in Aztech Wmb250Ac Firmware 0162020 Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password. | 9.8 |
| 2023-02-16 | CVE-2022-41614 | Insufficiently Protected Credentials vulnerability in Intel on Event Series Insufficiently protected credentials in the Intel(R) ON Event Series Android application before version 2.0 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2023-02-16 | CVE-2022-40678 | Insufficiently Protected Credentials vulnerability in Fortinet Fortinac An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow a local attacker with database access to recover user passwords. | 7.8 |
| 2023-02-15 | CVE-2023-23463 | Insufficiently Protected Credentials vulnerability in Sunellsecurity products Sunell DVR, latest version, Insufficiently Protected Credentials (CWE-522) may be exposed through an unspecified request. | 7.5 |
| 2023-02-15 | CVE-2023-23466 | Insufficiently Protected Credentials vulnerability in Mediacp Media Control Panel 2.13.1 Media CP Media Control Panel latest version. | 7.5 |
| 2023-02-15 | CVE-2023-24498 | Insufficiently Protected Credentials vulnerability in Netgear Prosafe Fs726Tp Firmware An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text. | 7.5 |
| 2023-02-15 | CVE-2023-25191 | Insufficiently Protected Credentials vulnerability in AMI Megarac Sp-X 12/13 AMI MegaRAC SPX devices allow Password Disclosure through Redfish. | 7.5 |
| 2023-02-13 | CVE-2023-24619 | Insufficiently Protected Credentials vulnerability in Redpanda Redpanda before 22.3.12 discloses cleartext AWS credentials. | 5.5 |
| 2023-02-13 | CVE-2022-43460 | Insufficiently Protected Credentials vulnerability in Fujifilm Driver Distributor 2.2.3.1 Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. | 7.5 |