Vulnerabilities > Insufficiently Protected Credentials

DATE CVE VULNERABILITY TITLE RISK
2023-12-13 CVE-2023-50770 Insufficiently Protected Credentials vulnerability in Jenkins Openid
Jenkins OpenId Connect Authentication Plugin 2.6 and earlier stores a password of a local user account used as an anti-lockout feature in a recoverable format, allowing attackers with access to the Jenkins controller file system to recover the plain text password of that account, likely gaining administrator access to Jenkins.
local
low complexity
jenkins CWE-522
6.7
2023-12-13 CVE-2023-47577 Insufficiently Protected Credentials vulnerability in Relyum Rely-Pcie Firmware and Rely-Rec Firmware
An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows unauthorized password changes because the current password is not checked.
network
low complexity
relyum CWE-522
critical
9.8
2023-12-12 CVE-2018-16153 Insufficiently Protected Credentials vulnerability in Apereo Opencast
An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6.
network
low complexity
apereo CWE-522
7.5
2023-12-09 CVE-2023-47722 Insufficiently Protected Credentials vulnerability in IBM API Connect 10.0.5.3/10.0.6.0
IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in the browser cache, which can be read by a local user.
local
low complexity
ibm CWE-522
5.5
2023-12-06 CVE-2023-32268 Insufficiently Protected Credentials vulnerability in Microfocus Filr
Exposure of Proxy Administrator Credentials: an authenticated administrator-equivalent Filr user can access the credentials of proxy administrators.
network
low complexity
microfocus CWE-522
7.2
2023-12-04 CVE-2023-24047 Insufficiently Protected Credentials vulnerability in Connectize Ac21000 G6 Firmware 641.139.1.1256
An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of a weak hashing algorithm.
low complexity
connectize CWE-522
6.8
2023-12-04 CVE-2023-49280 Insufficiently Protected Credentials vulnerability in Xwiki Change Request
XWiki Change Request is an XWiki application that allows users to request changes on a wiki without publishing the changes directly.
network
low complexity
xwiki CWE-522
6.5
2023-12-04 CVE-2023-44300 Insufficiently Protected Credentials vulnerability in Dell Powerprotect Data Manager Dm5500 Firmware
Dell DM5500 5.14.0.0 contains a plain-text password storage vulnerability in the appliance.
local
low complexity
dell CWE-522
5.5
2023-11-29 CVE-2023-49653 Insufficiently Protected Credentials vulnerability in Jenkins Jira
Jenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to.
network
low complexity
jenkins CWE-522
6.5
2023-11-27 CVE-2023-6254 Insufficiently Protected Credentials vulnerability in Otrs
A vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are sent back to the client in the server response. This issue affects OTRS from 8.0.X through 8.0.37.
network
low complexity
otrs CWE-522
7.5