Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-10 | CVE-2019-4508 | Insufficiently Protected Credentials vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in some instances which could be decrypted by a local attacker. | 7.8 |
| 2020-01-10 | CVE-2014-5093 | Insufficiently Protected Credentials vulnerability in Status2K Status2k does not remove the install directory allowing credential reset. | 9.8 |
| 2020-01-07 | CVE-2019-6700 | Insufficiently Protected Credentials vulnerability in Fortinet Fortisiem An information exposure vulnerability in the external authentication profile form of FortiSIEM 5.2.2 and earlier may allow an authenticated attacker to retrieve the external authentication password via the HTML source code. | 6.5 |
| 2020-01-06 | CVE-2019-5990 | Insufficiently Protected Credentials vulnerability in Anglers-Net CGI An-Anlyzer 20190624 Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allow remote attackers to obtain a login password via HTTP referer. | 7.5 |
| 2020-01-03 | CVE-2019-19310 | Insufficiently Protected Credentials vulnerability in Gitlab GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows Information Disclosure. | 4.9 |
| 2020-01-02 | CVE-2013-3620 | Insufficiently Protected Credentials vulnerability in multiple products Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312. | 7.5 |
| 2020-01-02 | CVE-2019-10205 | Insufficiently Protected Credentials vulnerability in Redhat Quay 3.0.0 A flaw was found in the way Red Hat Quay stores robot account tokens in plain text. | 6.3 |
| 2019-12-30 | CVE-2019-4335 | Insufficiently Protected Credentials vulnerability in IBM Watson Studio Local 1.2.3 IBM Watson Studio Local 1.2.3 stores key files in the user's home directory which could be obtained by another local user. | 5.5 |
| 2019-12-27 | CVE-2019-20047 | Insufficiently Protected Credentials vulnerability in Al-Enterprise Omnivista 4760 and Omnivista 8770 An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. | 7.5 |
| 2019-12-26 | CVE-2019-6024 | Insufficiently Protected Credentials vulnerability in Rakuten Rakuma Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user's authentication information via a malicious application created by the third party. | 6.5 |