Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-07 | CVE-2017-18695 | Insufficiently Protected Credentials vulnerability in Google Android An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. | 6.5 |
| 2020-04-07 | CVE-2016-11029 | Insufficiently Protected Credentials vulnerability in Google Android An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.0) software. | 7.5 |
| 2020-04-02 | CVE-2019-19096 | Insufficiently Protected Credentials vulnerability in Hitachienergy Esoms 6.0/6.0.2 The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. | 6.1 |
| 2020-04-01 | CVE-2019-3942 | Insufficiently Protected Credentials vulnerability in Advantech Webaccess 8.3.4 Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. | 7.5 |
| 2020-04-01 | CVE-2020-11449 | Insufficiently Protected Credentials vulnerability in Technicolor Tc7337 Firmware 8.89.17 An issue was discovered on Technicolor TC7337 8.89.17 devices. | 7.5 |
| 2020-03-25 | CVE-2020-2165 | Insufficiently Protected Credentials vulnerability in Jfrog Artifactory Jenkins Artifactory Plugin 3.6.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. | 7.5 |
| 2020-03-25 | CVE-2020-2164 | Insufficiently Protected Credentials vulnerability in Jfrog Artifactory Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system. | 6.5 |
| 2020-03-20 | CVE-2019-18785 | Insufficiently Protected Credentials vulnerability in Suitecrm SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 mishandles API access tokens and credentials. | 7.5 |
| 2020-03-19 | CVE-2019-16067 | Insufficiently Protected Credentials vulnerability in Netsas Enigma Network Management Solution NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. | 7.5 |
| 2020-03-19 | CVE-2019-15656 | Insufficiently Protected Credentials vulnerability in Dlink Dsl-2875Al Firmware and Dsl-2877Al Firmware D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables. | 7.5 |