Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-23 | CVE-2019-15635 | Insufficiently Protected Credentials vulnerability in Grafana 5.4.0 An issue was discovered in Grafana 5.4.0. | 4.9 |
| 2019-09-21 | CVE-2019-16649 | Insufficiently Protected Credentials vulnerability in Supermicro products On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. | 10.0 |
| 2019-09-18 | CVE-2019-11664 | Insufficiently Protected Credentials vulnerability in Microfocus Service Manager Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 6.5 |
| 2019-09-18 | CVE-2019-11663 | Insufficiently Protected Credentials vulnerability in Microfocus Service Manager Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | 6.5 |
| 2019-09-18 | CVE-2019-5534 | Insufficiently Protected Credentials vulnerability in VMWare Vcenter Server 6.0/6.5/6.7 VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. | 7.7 |
| 2019-09-17 | CVE-2018-7820 | Insufficiently Protected Credentials vulnerability in Schneider-Electric products A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled. | 9.8 |
| 2019-09-12 | CVE-2019-10398 | Insufficiently Protected Credentials vulnerability in Jenkins Beaker Builder Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 5.5 |
| 2019-09-11 | CVE-2019-11769 | Insufficiently Protected Credentials vulnerability in Teamviewer 14.2.2558 An issue was discovered in TeamViewer 14.2.2558. | 7.8 |
| 2019-09-05 | CVE-2019-13349 | Insufficiently Protected Credentials vulnerability in Knowage-Suite Knowage In Knowage through 6.1.1, an authenticated user that accesses the users page will obtain all user password hashes. | 4.9 |
| 2019-08-28 | CVE-2019-13348 | Insufficiently Protected Credentials vulnerability in ENG Knowage In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases. | 8.8 |