Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-19 | CVE-2019-10225 | Insufficiently Protected Credentials vulnerability in Redhat Openshift and Openshift Container Platform A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. | 6.3 |
| 2021-03-18 | CVE-2021-3141 | Insufficiently Protected Credentials vulnerability in Unisys Stealth 6.0 In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is stored in a recoverable format that might be accessible by a local attacker, who could gain access to the Management Server and change the Stealth configuration. | 7.8 |
| 2021-03-16 | CVE-2021-3344 | Insufficiently Protected Credentials vulnerability in Redhat Openshift Builder and Openshift Container Platform A privilege escalation flaw was found in OpenShift builder. | 8.8 |
| 2021-03-03 | CVE-2021-27935 | Insufficiently Protected Credentials vulnerability in Adguard Home An issue was discovered in AdGuard before 0.105.2. | 7.5 |
| 2021-03-03 | CVE-2021-22681 | Insufficiently Protected Credentials vulnerability in Rockwellautomation products Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. | 9.8 |
| 2021-02-27 | CVE-2021-25284 | Insufficiently Protected Credentials vulnerability in multiple products An issue was discovered in through SaltStack Salt before 3002.5. | 4.4 |
| 2021-02-25 | CVE-2021-1731 | Insufficiently Protected Credentials vulnerability in Microsoft products PFX Encryption Security Feature Bypass Vulnerability | 5.5 |
| 2021-02-23 | CVE-2021-3252 | Insufficiently Protected Credentials vulnerability in Kaco-Newenergy Xp100U Firmware Xpjava2.0 KACO New Energy XP100U Up to XP-JAVA 2.0 is affected by incorrect access control. | 7.5 |
| 2021-02-18 | CVE-2021-20445 | Insufficiently Protected Credentials vulnerability in IBM Maximo for Civil Infrastructure 7.6.2 IBM Maximo for Civil Infrastructure 7.6.2 could allow a user to obtain sensitive information due to insecure storeage of authentication credentials. | 6.5 |
| 2021-02-18 | CVE-2020-9306 | Insufficiently Protected Credentials vulnerability in Tesla Solarcity Solar Monitoring Gateway 5.46.43 Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue because Digi ConnectPort X2e uses a .pyc file to store the cleartext password for the python user account. | 8.8 |