Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-06 | CVE-2019-5990 | Insufficiently Protected Credentials vulnerability in Anglers-Net CGI An-Anlyzer 20190624 Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allow remote attackers to obtain a login password via HTTP referer. | 7.5 |
| 2020-01-03 | CVE-2019-19310 | Insufficiently Protected Credentials vulnerability in Gitlab GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows Information Disclosure. | 4.9 |
| 2020-01-02 | CVE-2013-3620 | Insufficiently Protected Credentials vulnerability in multiple products Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312. | 7.5 |
| 2019-12-30 | CVE-2019-4335 | Insufficiently Protected Credentials vulnerability in IBM Watson Studio Local 1.2.3 IBM Watson Studio Local 1.2.3 stores key files in the user's home directory which could be obtained by another local user. | 5.5 |
| 2019-12-27 | CVE-2019-20047 | Insufficiently Protected Credentials vulnerability in Al-Enterprise Omnivista 4760 and Omnivista 8770 An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. | 7.5 |
| 2019-12-26 | CVE-2019-6024 | Insufficiently Protected Credentials vulnerability in Rakuten Rakuma Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user's authentication information via a malicious application created by the third party. | 6.5 |
| 2019-12-23 | CVE-2019-3431 | Insufficiently Protected Credentials vulnerability in ZTE Zxcloud Goldendata VAP Zxivsvapportalxzgav4.01.01.02 All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems vulnerability. | 9.8 |
| 2019-12-19 | CVE-2019-18615 | Insufficiently Protected Credentials vulnerability in Arista Cloudvision Portal 2018.2.0/2018.2.3 In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. | 4.9 |
| 2019-12-18 | CVE-2019-18572 | Insufficiently Protected Credentials vulnerability in Dell RSA Identity Governance and Lifecycle The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. | 9.8 |
| 2019-12-18 | CVE-2019-19890 | Insufficiently Protected Credentials vulnerability in Humaxdigital Hgb10R-02 Firmware 201608171855 An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. | 7.5 |