Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-07 | CVE-2020-15054 | Insufficiently Protected Credentials vulnerability in Tp-Link Tl-Ps310U Firmware TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic. | 8.8 |
| 2020-07-29 | CVE-2020-2078 | Insufficiently Protected Credentials vulnerability in Sick Package Analytics 04.0.0/04.1.1 Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. | 6.5 |
| 2020-07-29 | CVE-2020-14489 | Insufficiently Protected Credentials vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B OpenClinic GA 5.09.02 and 5.89.05b stores passwords using inadequate hashing complexity, which may allow an attacker to recover passwords using known password cracking techniques. | 7.5 |
| 2020-07-27 | CVE-2020-10609 | Insufficiently Protected Credentials vulnerability in Grundfos CIM 500 06.16.00 Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device. | 7.5 |
| 2020-07-27 | CVE-2020-4408 | Insufficiently Protected Credentials vulnerability in IBM Qradar Advisory The IBM QRadar Advisor 1.1 through 2.5.2 with Watson App for IBM QRadar SIEM does not adequately mask all passwords during input, which could be obtained by a physical attacker nearby. | 4.6 |
| 2020-07-22 | CVE-2020-4372 | Insufficiently Protected Credentials vulnerability in IBM Verify Gateway 1.0.0/1.0.1 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |
| 2020-07-16 | CVE-2020-4095 | Insufficiently Protected Credentials vulnerability in Hcltech Bigfix Platform "BigFix Platform is storing clear text credentials within the system's memory. | 6.0 |
| 2020-07-16 | CVE-2020-3180 | Insufficiently Protected Credentials vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. | 7.8 |
| 2020-07-15 | CVE-2020-10287 | Insufficiently Protected Credentials vulnerability in ABB Irb140 Firmware and Irc5 Firmware The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. | 9.8 |
| 2020-07-02 | CVE-2020-2218 | Insufficiently Protected Credentials vulnerability in HP Application Lifecycle Management Quality Center Project HP Application Lifecycle Management Quality Center Jenkins HP ALM Quality Center Plugin 1.6 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system. | 3.3 |