Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2019-9823 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files. | 9.8 |
| 2019-07-03 | CVE-2019-12847 | Insufficiently Protected Credentials vulnerability in Jetbrains HUB In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user. | 7.2 |
| 2019-07-02 | CVE-2019-13179 | Insufficiently Protected Credentials vulnerability in Calamares Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /crypto_keyfile.bin (mode 0600 owned by root) to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption keys for LUKS containers created with Full Disk Encryption. | 7.5 |
| 2019-07-02 | CVE-2019-7260 | Insufficiently Protected Credentials vulnerability in Nortekcontrol products Linear eMerge E3-Series devices have Cleartext Credentials in a Database. | 9.8 |
| 2019-07-01 | CVE-2019-7271 | Insufficiently Protected Credentials vulnerability in Nortekcontrol products Nortek Linear eMerge 50P/5000P devices have Default Credentials. | 9.8 |
| 2019-06-29 | CVE-2019-13054 | Insufficiently Protected Credentials vulnerability in Logitech R500 Firmware The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. | 6.5 |
| 2019-06-26 | CVE-2019-11272 | Insufficiently Protected Credentials vulnerability in multiple products Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. | 7.3 |
| 2019-06-19 | CVE-2019-4385 | Insufficiently Protected Credentials vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect Plus Joblog. | 6.5 |
| 2019-06-19 | CVE-2019-11271 | Insufficiently Protected Credentials vulnerability in Cloud Foundry Bosh 270.0.0/270.1.0 Cloud Foundry BOSH 270.x versions prior to v270.1.1, contain a BOSH Director that does not properly redact credentials when configured to use a MySQL database. | 7.8 |
| 2019-06-14 | CVE-2019-4239 | Insufficiently Protected Credentials vulnerability in IBM Cloud Private IBM MQ Advanced Cloud Pak (IBM Cloud Private 1.0.0 through 3.0.1) stores user credentials in plain in clear text which can be read by a local user. | 5.5 |