Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-13 | CVE-2020-4602 | Insufficiently Protected Credentials vulnerability in IBM Security Guardium Insights 2.0.2 IBM Security Guardium Insights 2.0.2 stores user credentials in plain in clear text which can be read by a local user. | 4.4 |
| 2021-01-13 | CVE-2021-21614 | Insufficiently Protected Credentials vulnerability in Jenkins Bumblebee HP ALM Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 5.5 |
| 2021-01-13 | CVE-2021-21612 | Insufficiently Protected Credentials vulnerability in Jenkins Tracetronic Ecu-Test Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 5.5 |
| 2021-01-12 | CVE-2020-28390 | Insufficiently Protected Credentials vulnerability in Siemens Opcenter Execution Core 8.2/8.3 A vulnerability has been identified in Opcenter Execution Core (V8.2), Opcenter Execution Core (V8.3). | 5.5 |
| 2021-01-04 | CVE-2020-4913 | Insufficiently Protected Credentials vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 could reveal credential information in the HTTP response to a local privileged user. | 4.4 |
| 2020-12-22 | CVE-2020-29583 | Insufficiently Protected Credentials vulnerability in Zyxel products Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. | 9.8 |
| 2020-12-22 | CVE-2020-24680 | Insufficiently Protected Credentials vulnerability in ABB Symphony + Historian and Symphony + Operations In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database. | 7.0 |
| 2020-12-18 | CVE-2020-27781 | Insufficiently Protected Credentials vulnerability in multiple products User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. | 7.1 |
| 2020-12-16 | CVE-2019-14477 | Insufficiently Protected Credentials vulnerability in Adremsoft Netcrunch AdRem NetCrunch 10.6.0.4587 has Improper Credential Storage since the internal user database is readable by low-privileged users and passwords in the database are weakly encoded or encrypted. | 5.5 |
| 2020-12-14 | CVE-2020-25235 | Insufficiently Protected Credentials vulnerability in Siemens Logo! 8 BM Firmware A vulnerability has been identified in LOGO! 8 BM (incl. | 7.5 |