Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-06 | CVE-2019-16672 | Insufficiently Protected Credentials vulnerability in Weidmueller products An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. | 9.8 |
| 2019-12-03 | CVE-2013-2106 | Insufficiently Protected Credentials vulnerability in multiple products webauth before 4.6.1 has authentication credential disclosure | 7.5 |
| 2019-11-25 | CVE-2012-5527 | Insufficiently Protected Credentials vulnerability in Claws-Mail Vcalendar Claws Mail vCalendar plugin: credentials exposed on interface | 5.5 |
| 2019-11-25 | CVE-2019-10214 | Insufficiently Protected Credentials vulnerability in multiple products The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. | 5.9 |
| 2019-11-22 | CVE-2019-10206 | Insufficiently Protected Credentials vulnerability in multiple products ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. | 6.5 |
| 2019-11-21 | CVE-2013-3313 | Insufficiently Protected Credentials vulnerability in Loftek Nexus 543 Firmware The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. | 7.5 |
| 2019-11-21 | CVE-2019-16544 | Insufficiently Protected Credentials vulnerability in Qmetry Jenkins Qmetry for Jira Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 8.8 |
| 2019-11-21 | CVE-2019-16543 | Insufficiently Protected Credentials vulnerability in Jenkins Spira Importer 3.2.2 Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 5.5 |
| 2019-11-21 | CVE-2019-16542 | Insufficiently Protected Credentials vulnerability in Jenkins Anchore Container Image Scanner Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 6.5 |
| 2019-11-18 | CVE-2018-21031 | Insufficiently Protected Credentials vulnerability in Plex Media Server 1.18.2.202936236Cc4C Tautulli versions 2.1.38 and below allows remote attackers to bypass intended access control in Plex Media Server because the X-Plex-Token is mishandled and can be retrieved from Tautulli. | 6.5 |