Vulnerabilities > Insufficiently Protected Credentials

DATE CVE VULNERABILITY TITLE RISK
2019-11-04 CVE-2013-4423 Insufficiently Protected Credentials vulnerability in Red Hat CloudForms 3.0
CloudForms stores user passwords in a recoverable format.
local
low complexity
redhat CWE-522
5.5
2019-10-29 CVE-2019-10210 Insufficiently Protected Credentials vulnerability in PostgreSQL
The PostgreSQL Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19 and 9.4.24 is vulnerable because it writes the superuser password to an unprotected temporary file.
local
high complexity
postgresql CWE-522
7.0
2019-10-29 CVE-2019-4307 Insufficiently Protected Credentials vulnerability in IBM Security Guardium Big Data Intelligence 4.0
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores user credentials in clear text, which can be read by a local user.
local
low complexity
ibm CWE-522
5.5
2019-10-28 CVE-2019-14929 Insufficiently Protected Credentials vulnerability in multiple products
An issue was discovered on Mitsubishi Electric Europe B.V.
network
low complexity
mitsubishielectric inea CWE-522
critical
9.8
2019-10-23 CVE-2019-10476 Insufficiently Protected Credentials vulnerability in Jenkins Zulip
Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
local
low complexity
jenkins CWE-522
7.8
2019-10-23 CVE-2019-10467 Insufficiently Protected Credentials vulnerability in Jenkins Sonar Gerrit
Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-522
6.5
2019-10-23 CVE-2019-10461 Insufficiently Protected Credentials vulnerability in Jenkins Dynatrace Application Monitoring
Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
local
low complexity
jenkins CWE-522
7.8
2019-10-23 CVE-2019-10460 Insufficiently Protected Credentials vulnerability in Jenkins Bitbucket OAuth
Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unencrypted in the global config.xml configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
local
low complexity
jenkins CWE-522
7.8
2019-10-23 CVE-2019-10459 Insufficiently Protected Credentials vulnerability in Jenkins Mattermost Notification
Jenkins Mattermost Notification Plugin 2.7.0 and earlier stored webhook URLs containing a secret token unencrypted in its global configuration file and job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-522
6.5
2019-10-18 CVE-2019-17393 Insufficiently Protected Credentials vulnerability in Tomedo Server 1.7.3
The customer's Tomedo Server in version 1.7.3 communicates with the vendor Tomedo Server via HTTP (in cleartext), and this traffic can be sniffed by unauthorized actors.
network
low complexity
tomedo CWE-522
critical
9.8