Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-05 | CVE-2024-21815 | Insufficiently Protected Credentials vulnerability in Gallagher Command Centre Insufficiently protected credentials (CWE-522) for third party DVR integrations to the Command Centre Server are accessible to authenticated but unprivileged users. | 6.5 |
| 2024-02-21 | CVE-2024-26133 | Insufficiently Protected Credentials vulnerability in Kurrent Eventstoredb EventStoreDB (ESDB) is an operational database built to store events. | 4.9 |
| 2024-02-15 | CVE-2023-4538 | Insufficiently Protected Credentials vulnerability in Comarch ERP XL The database access credentials configured during installation are stored in a special table, and are encrypted with a shared key, same among all Comarch ERP XL client installations. | 6.5 |
| 2024-02-12 | CVE-2022-38714 | Insufficiently Protected Credentials vulnerability in IBM Datastage IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. | 4.9 |
| 2024-02-10 | CVE-2024-22312 | Insufficiently Protected Credentials vulnerability in IBM Storage Defender Resiliency Service 2.0 IBM Storage Defender - Resiliency Service 2.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2024-02-05 | CVE-2024-24595 | Insufficiently Protected Credentials vulnerability in Clear Clearml Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords. | 7.1 |
| 2024-02-02 | CVE-2024-21869 | Insufficiently Protected Credentials vulnerability in Rapidscada Rapid Scada In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. | 5.5 |
| 2024-01-25 | CVE-2024-22432 | Insufficiently Protected Credentials vulnerability in Dell Networker Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. | 6.5 |
| 2024-01-16 | CVE-2023-49106 | Insufficiently Protected Credentials vulnerability in Hitachi Device Manager Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04. | 7.5 |
| 2024-01-11 | CVE-2023-50125 | Insufficiently Protected Credentials vulnerability in Hozard Alarm System 1.0 A default engineer password set on the Hozard alarm system (Alarmsysteem) v1.0 allows an attacker to bring the alarm system to a disarmed state. | 5.9 |