Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-16 | CVE-2020-8259 | Insufficiently Protected Credentials vulnerability in Nextcloud Server Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys. | 8.1 |
| 2020-11-16 | CVE-2020-8152 | Insufficiently Protected Credentials vulnerability in Nextcloud Server Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on. | 4.4 |
| 2020-11-12 | CVE-2020-12333 | Insufficiently Protected Credentials vulnerability in Intel Quickassist Technology 1.0.4000004 Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2020-12316 | Insufficiently Protected Credentials vulnerability in Intel Endpoint Management Assistant 1.3.1/1.3.2/1.3.2.1 Insufficiently protected credentials in the Intel(R) EMA before version 1.3.3 may allow an authorized user to potentially enable information disclosure via local access. | 5.5 |
| 2020-11-12 | CVE-2020-12309 | Insufficiently Protected Credentials vulnerability in Intel products Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access. | 4.6 |
| 2020-11-10 | CVE-2020-4568 | Insufficiently Protected Credentials vulnerability in IBM Security KEY Lifecycle Manager 3.0/3.0.1/4.0 IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, and 4.0 stores user credentials in plain in clear text which can be read by a local user. | 5.5 |
| 2020-11-05 | CVE-2020-27688 | Insufficiently Protected Credentials vulnerability in Robware Rvtools 4.0.6 RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. | 7.5 |
| 2020-11-04 | CVE-2020-2319 | Insufficiently Protected Credentials vulnerability in Jenkins VMWare LAB Manager Slaves Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 6.5 |
| 2020-11-04 | CVE-2020-2318 | Insufficiently Protected Credentials vulnerability in Jenkins Mail Commander 1.0.0 Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. | 6.5 |
| 2020-11-04 | CVE-2020-2314 | Insufficiently Protected Credentials vulnerability in Jenkins Appspider Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 5.5 |