Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-20 | CVE-2024-56354 | Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission | 4.9 |
| 2024-12-19 | CVE-2022-33954 | Insufficiently Protected Credentials vulnerability in IBM Robotic Process Automation 21.0.1/21.0.2/21.0.3 IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected credentials. | 4.6 |
| 2024-12-17 | CVE-2024-49817 | Insufficiently Protected Credentials vulnerability in IBM Security Guardium KEY Lifecycle Manager IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user. | 4.4 |
| 2024-12-12 | CVE-2024-54471 | Insufficiently Protected Credentials vulnerability in Apple Macos This issue was addressed with additional entitlement checks. | 5.5 |
| 2024-12-11 | CVE-2024-53292 | Insufficiently Protected Credentials vulnerability in Dell Vxrail Hyperconverged Infrastructure Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. | 6.7 |
| 2024-12-10 | CVE-2024-53832 | A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V05.30). low complexity CWE-522 | 4.6 |
| 2024-11-18 | CVE-2021-1232 | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficient access control for sensitive information that is written to an affected system. | 6.5 |
| 2024-11-04 | CVE-2024-34882 | Insufficiently Protected Credentials vulnerability in Bitrix24 23.300.100 Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send SMTP account passwords to an arbitrary server via HTTP POST request. | 4.9 |
| 2024-11-04 | CVE-2024-34883 | Insufficiently Protected Credentials vulnerability in Bitrix24 23.300.100 Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allow remote administrators to read proxy-server accounts passwords via HTTP GET request. | 4.9 |
| 2024-11-04 | CVE-2024-34887 | Insufficiently Protected Credentials vulnerability in Bitrix24 23.300.100 Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send AD/LDAP administrators account passwords to an arbitrary server via HTTP POST request. | 4.9 |