Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2024-21869 | Insufficiently Protected Credentials vulnerability in Rapidscada Rapid Scada In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. | 5.5 |
| 2024-01-29 | CVE-2023-29055 | Insufficiently Protected Credentials vulnerability in Apache Kylin In Apache Kylin version 2.0.0 to 4.0.3, there is a Server Config web interface that displays the content of file 'kylin.properties', that may contain serverside credentials. | 7.5 |
| 2024-01-25 | CVE-2024-22432 | Insufficiently Protected Credentials vulnerability in Dell Networker Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. | 6.5 |
| 2024-01-16 | CVE-2023-49106 | Insufficiently Protected Credentials vulnerability in Hitachi Device Manager Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04. | 7.5 |
| 2024-01-11 | CVE-2023-50125 | Insufficiently Protected Credentials vulnerability in Hozard Alarm System 1.0 A default engineer password set on the Hozard alarm system (Alarmsysteem) v1.0 allows an attacker to bring the alarm system to a disarmed state. | 5.9 |
| 2024-01-10 | CVE-2023-29447 | Insufficiently Protected Credentials vulnerability in PTC products An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication. | 5.3 |
| 2024-01-01 | CVE-2023-6421 | Insufficiently Protected Credentials vulnerability in Wpdownloadmanager Wordpress Download Manager The Download Manager WordPress plugin before 3.2.83 does not protect file download's passwords, leaking it upon receiving an invalid one. | 7.5 |
| 2023-12-25 | CVE-2022-39820 | Insufficiently Protected Credentials vulnerability in Nokia Network Functions Manager for Transport 19.9 In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. | 6.5 |
| 2023-12-18 | CVE-2023-47741 | Insufficiently Protected Credentials vulnerability in IBM DB2 Mirror for I and I IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text passwords in browser memory that can be viewed using common browser tools before the memory is garbage collected. | 5.3 |
| 2023-12-13 | CVE-2023-6791 | Insufficiently Protected Credentials vulnerability in Paloaltonetworks Pan-Os A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface. | 4.9 |