Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-01 | CVE-2019-3942 | Insufficiently Protected Credentials vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. | 7.5 |
| 2020-04-01 | CVE-2020-11449 | Insufficiently Protected Credentials vulnerability in Technicolor Tc7337 Firmware 8.89.17 An issue was discovered on Technicolor TC7337 8.89.17 devices. | 7.5 |
| 2020-03-25 | CVE-2020-2165 | Insufficiently Protected Credentials vulnerability in Jfrog Artifactory Jenkins Artifactory Plugin 3.6.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. | 7.5 |
| 2020-03-25 | CVE-2020-2164 | Insufficiently Protected Credentials vulnerability in Jfrog Artifactory Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system. | 6.5 |
| 2020-03-20 | CVE-2019-18785 | Insufficiently Protected Credentials vulnerability in Suitecrm SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 mishandles API access tokens and credentials. | 7.5 |
| 2020-03-19 | CVE-2019-16067 | Insufficiently Protected Credentials vulnerability in Netsas Enigma Network Management Solution NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. | 7.5 |
| 2020-03-19 | CVE-2019-15656 | Insufficiently Protected Credentials vulnerability in Dlink Dsl-2875Al Firmware and Dsl-2877Al Firmware D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables. | 7.5 |
| 2020-03-19 | CVE-2019-15655 | Insufficiently Protected Credentials vulnerability in Dlink Dsl-2875Al Firmware 1.00.05 D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. | 7.5 |
| 2020-03-19 | CVE-2019-15653 | Insufficiently Protected Credentials vulnerability in Comba Ap2600-I - A02 - 0202N00Pd2 Firmware Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. | 7.5 |
| 2020-03-18 | CVE-2020-9324 | Insufficiently Protected Credentials vulnerability in Aquaforest Tiff Server 4.0 Aquaforest TIFF Server 4.0 allows Unauthenticated SMB Hash Capture via UNC. | 7.5 |