Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-12 | CVE-2022-38714 | Insufficiently Protected Credentials vulnerability in IBM Datastage IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. | 4.9 |
| 2024-02-10 | CVE-2024-22312 | Insufficiently Protected Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2024-02-05 | CVE-2024-24595 | Insufficiently Protected Credentials vulnerability in Clear Clearml Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords. | 7.1 |
| 2024-02-02 | CVE-2024-21869 | Insufficiently Protected Credentials vulnerability in Rapidscada Rapid Scada In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. | 5.5 |
| 2024-01-25 | CVE-2024-22432 | Insufficiently Protected Credentials vulnerability in Dell Networker Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. | 6.5 |
| 2024-01-16 | CVE-2023-49106 | Insufficiently Protected Credentials vulnerability in Hitachi Device Manager Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04. | 7.5 |
| 2024-01-11 | CVE-2023-50125 | Insufficiently Protected Credentials vulnerability in Hozard Alarm System 1.0 A default engineer password set on the Hozard alarm system (Alarmsysteem) v1.0 allows an attacker to bring the alarm system to a disarmed state. | 5.9 |
| 2024-01-10 | CVE-2023-29447 | Insufficiently Protected Credentials vulnerability in PTC products An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication. | 5.3 |
| 2024-01-01 | CVE-2023-6421 | Insufficiently Protected Credentials vulnerability in Wpdownloadmanager Wordpress Download Manager The Download Manager WordPress plugin before 3.2.83 does not protect file download's passwords, leaking it upon receiving an invalid one. | 7.5 |
| 2023-12-25 | CVE-2022-39820 | Insufficiently Protected Credentials vulnerability in Nokia Network Functions Manager for Transport 19.9 In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. | 6.5 |