Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-17 | CVE-2019-16572 | Insufficiently Protected Credentials vulnerability in Jenkins Weibo 1.0.1 Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 5.5 |
| 2019-12-17 | CVE-2019-16557 | Insufficiently Protected Credentials vulnerability in Jenkins Redgate SQL Change Automation Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 6.5 |
| 2019-12-17 | CVE-2019-16556 | Insufficiently Protected Credentials vulnerability in Jenkins Rundeck Jenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 6.5 |
| 2019-12-13 | CVE-2014-0241 | Insufficiently Protected Credentials vulnerability in multiple products rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable | 5.5 |
| 2019-12-09 | CVE-2019-19687 | Insufficiently Protected Credentials vulnerability in Openstack Keystone 15.0.0/16.0.0 OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. | 8.8 |
| 2019-12-06 | CVE-2019-16673 | Insufficiently Protected Credentials vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 6.5 |
| 2019-12-06 | CVE-2019-16672 | Insufficiently Protected Credentials vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 9.8 |
| 2019-12-03 | CVE-2013-2106 | Insufficiently Protected Credentials vulnerability in multiple products webauth before 4.6.1 has authentication credential disclosure | 7.5 |
| 2019-11-25 | CVE-2012-5527 | Insufficiently Protected Credentials vulnerability in Claws-Mail Vcalendar Claws Mail vCalendar plugin: credentials exposed on interface | 5.5 |
| 2019-11-25 | CVE-2019-10214 | Insufficiently Protected Credentials vulnerability in multiple products The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. | 5.9 |