Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-17 | CVE-2022-3206 | Insufficiently Protected Credentials vulnerability in Passster Project Passster The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode. | 5.9 |
| 2022-10-13 | CVE-2022-31130 | Insufficiently Protected Credentials vulnerability in Grafana Grafana is an open source observability and data visualization platform. | 7.5 |
| 2022-10-11 | CVE-2022-38465 | Insufficiently Protected Credentials vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. | 7.8 |
| 2022-09-29 | CVE-2022-39168 | Insufficiently Protected Credentials vulnerability in IBM products IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. | 7.5 |
| 2022-09-29 | CVE-2020-15341 | Insufficiently Protected Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API. | 7.5 |
| 2022-09-29 | CVE-2020-15347 | Insufficiently Protected Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account. | 9.8 |
| 2022-09-28 | CVE-2022-29089 | Insufficiently Protected Credentials vulnerability in Dell Smartfabric Os10 Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. | 4.9 |
| 2022-09-27 | CVE-2022-37193 | Insufficiently Protected Credentials vulnerability in Chipolo 4.13.0 Chipolo ONE Bluetooth tracker (2020) Chipolo iOS app version 4.13.0 is vulnerable to Incorrect Access Control. | 7.4 |
| 2022-09-21 | CVE-2022-41247 | Insufficiently Protected Credentials vulnerability in Jenkins Bigpanda Notifier Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 4.3 |
| 2022-09-21 | CVE-2022-41255 | Insufficiently Protected Credentials vulnerability in Jenkins Cons3Rt 1.0.0 Jenkins CONS3RT Plugin 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 6.5 |