Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-40511 | Insufficiently Protected Credentials vulnerability in LG Simple Editor 3.21.0 LG Simple Editor checkServer Authentication Bypass Vulnerability. | 7.5 |
| 2024-05-02 | CVE-2024-3543 | Insufficiently Protected Credentials vulnerability in Progress Loadmaster 7.2.48.11 Use of reversible password encryption algorithm allows attackers to decrypt passwords. Sensitive information can be easily unencrypted by the attacker, stolen credentials can be used for arbitrary actions to corrupt the system. | 7.5 |
| 2024-04-29 | CVE-2024-28961 | Insufficiently Protected Credentials vulnerability in Dell Openmanage Enterprise 4.0/4.0.1 Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure vulnerability. | 7.8 |
| 2024-04-03 | CVE-2024-20282 | A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. | 6.0 |
| 2024-03-18 | CVE-2022-47037 | Insufficiently Protected Credentials vulnerability in Siklu TG Firmware Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials. | 7.5 |
| 2024-03-05 | CVE-2024-21815 | Insufficiently Protected Credentials vulnerability in Gallagher Command Centre Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command Centre Server are accessible to authenticated but unprivileged users. | 6.5 |
| 2024-02-21 | CVE-2024-26133 | Insufficiently Protected Credentials vulnerability in Kurrent Eventstoredb EventStoreDB (ESDB) is an operational database built to store events. | 4.9 |
| 2024-02-19 | CVE-2023-6259 | Insufficiently Protected Credentials vulnerability in Brivo Acs100 Firmware and Acs300 Firmware Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3. | 4.6 |
| 2024-02-15 | CVE-2023-4538 | Insufficiently Protected Credentials vulnerability in Comarch ERP XL The database access credentials configured during installation are stored in a special table, and are encrypted with a shared key, same among all Comarch ERP XL client installations. | 6.5 |
| 2024-02-12 | CVE-2022-38714 | Insufficiently Protected Credentials vulnerability in IBM Datastage IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. | 4.9 |