Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-23 | CVE-2019-3431 | Insufficiently Protected Credentials vulnerability in ZTE Zxcloud Goldendata VAP Zxivsvapportalxzgav4.01.01.02 All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have encryption problems vulnerability. | 9.8 |
| 2019-12-19 | CVE-2019-18615 | Insufficiently Protected Credentials vulnerability in Arista Cloudvision Portal 2018.2.0/2018.2.3 In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. | 4.9 |
| 2019-12-18 | CVE-2019-18572 | Insufficiently Protected Credentials vulnerability in Dell RSA Identity Governance and Lifecycle The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain an Improper Authentication vulnerability. | 9.8 |
| 2019-12-18 | CVE-2019-19890 | Insufficiently Protected Credentials vulnerability in Humaxdigital Hgb10R-02 Firmware 201608171855 An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices. | 7.5 |
| 2019-12-17 | CVE-2019-16572 | Insufficiently Protected Credentials vulnerability in Jenkins Weibo 1.0.1 Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 5.5 |
| 2019-12-17 | CVE-2019-16557 | Insufficiently Protected Credentials vulnerability in Jenkins Redgate SQL Change Automation Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 6.5 |
| 2019-12-17 | CVE-2019-16556 | Insufficiently Protected Credentials vulnerability in Jenkins Rundeck Jenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 6.5 |
| 2019-12-13 | CVE-2014-0241 | Insufficiently Protected Credentials vulnerability in multiple products rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable | 5.5 |
| 2019-12-09 | CVE-2019-19687 | Insufficiently Protected Credentials vulnerability in Openstack Keystone 15.0.0/16.0.0 OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. | 8.8 |
| 2019-12-06 | CVE-2019-16673 | Insufficiently Protected Credentials vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 6.5 |