Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-23 | CVE-2021-20434 | Insufficiently Protected Credentials vulnerability in IBM Security Verify Bridge IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. | 4.4 |
| 2021-09-23 | CVE-2021-38863 | Insufficiently Protected Credentials vulnerability in IBM Security Verify Bridge IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. | 5.5 |
| 2021-09-23 | CVE-2021-1589 | Insufficiently Protected Credentials vulnerability in Cisco Sd-Wan A vulnerability in the disaster recovery feature of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain unauthorized access to user credentials. | 6.5 |
| 2021-09-20 | CVE-2021-29811 | Insufficiently Protected Credentials vulnerability in IBM Tivoli Netcool/Omnibus Webgui 8.1.0 IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials in plain clear text which can be read by an authenticated admin user. | 4.9 |
| 2021-09-09 | CVE-2021-28498 | Insufficiently Protected Credentials vulnerability in Arista Metamako Operating System In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user enable passwords set in clear text could result in unprivileged users getting complete access to the systems. | 7.8 |
| 2021-09-09 | CVE-2021-28499 | Insufficiently Protected Credentials vulnerability in Arista Metamako Operating System In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. | 5.5 |
| 2021-09-02 | CVE-2021-34733 | Insufficiently Protected Credentials vulnerability in Cisco products A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system. | 5.5 |
| 2021-09-01 | CVE-2021-39373 | Insufficiently Protected Credentials vulnerability in Samsung Drive Manager 2.0.104 Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. | 7.8 |
| 2021-08-31 | CVE-2021-21681 | Insufficiently Protected Credentials vulnerability in Jenkins Nomad Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 5.5 |
| 2021-08-24 | CVE-2021-30948 | Insufficiently Protected Credentials vulnerability in Apple Iphone OS An inconsistent user interface issue was addressed with improved state management. | 4.6 |