Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-30 | CVE-2020-26149 | Insufficiently Protected Credentials vulnerability in Linuxfoundation Nats.Deno and Nats.Js NATS nats.js before 2.0.0-209, nats.ws before 1.0.0-111, and nats.deno before 1.0.0-9 allow credential disclosure from a client to a server. | 7.5 |
| 2020-09-25 | CVE-2019-16211 | Insufficiently Protected Credentials vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1/2.0 Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability. | 9.8 |
| 2020-09-18 | CVE-2020-7945 | Insufficiently Protected Credentials vulnerability in Puppet Continuous Delivery 4.0.0 Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. | 5.5 |
| 2020-09-09 | CVE-2020-15791 | Insufficiently Protected Credentials vulnerability in Siemens products A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. | 6.5 |
| 2020-09-04 | CVE-2020-7299 | Insufficiently Protected Credentials vulnerability in Mcafee True KEY 5.1.165 Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges to access to another user’s passwords on the same machine via triggering a process dump in specific situations. | 4.1 |
| 2020-09-04 | CVE-2020-3547 | Insufficiently Protected Credentials vulnerability in Cisco Asyncos A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device. | 6.5 |
| 2020-09-01 | CVE-2020-6874 | Insufficiently Protected Credentials vulnerability in ZTE Zxiptv Firmware Zxiptvwebpv5.09.08.04 A ZTE product is impacted by the cryptographic issues vulnerability. | 9.1 |
| 2020-08-26 | CVE-2019-4697 | Insufficiently Protected Credentials vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by an authenticated user. | 6.5 |
| 2020-08-26 | CVE-2019-4693 | Insufficiently Protected Credentials vulnerability in IBM products IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user credentials in plain in clear text which can be read by a local privileged user. | 4.4 |
| 2020-08-25 | CVE-2020-24622 | Insufficiently Protected Credentials vulnerability in Sonatype Nexus In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exposed by an admin user. | 4.9 |