Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-12 | CVE-2020-2125 | Insufficiently Protected Credentials vulnerability in Jenkins Debian Package Builder Jenkins Debian Package Builder Plugin 1.6.11 and earlier stores a GPG passphrase unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system. | 4.3 |
| 2020-02-12 | CVE-2020-2124 | Insufficiently Protected Credentials vulnerability in Jenkins Dynamic Extended Choice Parameter 1.0.0/1.0.1 Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system. | 4.3 |
| 2020-02-12 | CVE-2020-2119 | Insufficiently Protected Credentials vulnerability in Jenkins Azure AD Jenkins Azure AD Plugin 1.1.2 and earlier transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. | 5.3 |
| 2020-02-12 | CVE-2020-2114 | Insufficiently Protected Credentials vulnerability in Jenkins S3 Publisher Jenkins S3 publisher Plugin 0.11.4 and earlier transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. | 7.5 |
| 2020-02-05 | CVE-2020-6969 | Insufficiently Protected Credentials vulnerability in Automationdirect products It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations. | 9.8 |
| 2020-02-04 | CVE-2013-7055 | Insufficiently Protected Credentials vulnerability in Dlink Dir-100 Firmware 4.03B07 D-Link DIR-100 4.03B07 has PPTP and poe information disclosure | 9.8 |
| 2020-02-04 | CVE-2013-7052 | Insufficiently Protected Credentials vulnerability in Dlink Dir-100 Firmware 4.03B07 D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script | 9.8 |
| 2020-02-03 | CVE-2013-2672 | Insufficiently Protected Credentials vulnerability in Brother Mfc-9970Cdw Firmware 1.10 Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords. | 7.5 |
| 2020-02-03 | CVE-2019-19119 | Insufficiently Protected Credentials vulnerability in Paessler Prtg Network Monitor An issue was discovered in PRTG 7.x through 19.4.53. | 5.5 |
| 2020-01-31 | CVE-2013-5113 | Insufficiently Protected Credentials vulnerability in Logmein Lastpass LastPass prior to 2.5.1 has an insecure PIN implementation. | 6.8 |