Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-26 | CVE-2020-10727 | Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the `resetUsers` operation. | 5.5 |
| 2020-06-19 | CVE-2020-14930 | Insufficiently Protected Credentials vulnerability in BT Ctroms Terminal Project BT Ctroms Terminal An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. | 8.1 |
| 2020-06-19 | CVE-2018-21248 | Insufficiently Protected Credentials vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.4.0. | 7.5 |
| 2020-06-15 | CVE-2020-0540 | Insufficiently Protected Credentials vulnerability in Intel Active Management Technology Firmware Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access. | 7.5 |
| 2020-06-12 | CVE-2020-10752 | Insufficiently Protected Credentials vulnerability in Redhat Openshift Container Platform 3.11/4.0 A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. | 7.5 |
| 2020-06-10 | CVE-2020-10755 | Insufficiently Protected Credentials vulnerability in multiple products An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. | 6.5 |
| 2020-06-10 | CVE-2020-6239 | Insufficiently Protected Credentials vulnerability in SAP Business ONE 10.0/9.3 Under certain conditions SAP Business One (Backup service), versions 9.3, 10.0, allows an attacker with admin permissions to view SYSTEM user password in clear text, leading to Information Disclosure. | 4.4 |
| 2020-06-04 | CVE-2020-11681 | Insufficiently Protected Credentials vulnerability in Castel Nextgen DVR Firmware 1.0.0 Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. | 8.1 |
| 2020-06-04 | CVE-2018-21239 | Insufficiently Protected Credentials vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit Reader and PhantomPDF before 9.2. | 5.3 |
| 2020-06-04 | CVE-2018-21237 | Insufficiently Protected Credentials vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.7. | 5.3 |