Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-03 | CVE-2019-11367 | Insufficiently Protected Credentials vulnerability in AUO Solar Data Recorder An issue was discovered in AUO Solar Data Recorder before 1.3.0. | 9.8 |
| 2019-06-03 | CVE-2019-11369 | Insufficiently Protected Credentials vulnerability in Carel Pcoweb Card Firmware A2.1.0/B.2.1.0 An issue was discovered in Carel pCOWeb prior to B1.2.4. | 8.8 |
| 2019-05-31 | CVE-2019-10981 | Insufficiently Protected Credentials vulnerability in Schneider-Electric Citectscada and Scada Expert Vijeo Citect In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified that may allow an authenticated local user access to Citect user credentials. | 7.8 |
| 2019-05-31 | CVE-2019-10329 | Insufficiently Protected Credentials vulnerability in Eficode Influxdb Jenkins InfluxDB Plugin 1.21 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
| 2019-05-29 | CVE-2019-12452 | Insufficiently Protected Credentials vulnerability in Traefik types/types.go in Containous Traefik 1.7.x through 1.7.11, when the --api flag is used and the API is publicly reachable and exposed without sufficient access control (which is contrary to the API documentation), allows remote authenticated users to discover password hashes by reading the Basic HTTP Authentication or Digest HTTP Authentication section, or discover a key by reading the ClientTLS section. | 7.5 |
| 2019-05-29 | CVE-2019-4138 | Insufficiently Protected Credentials vulnerability in IBM Spectrum Control IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2019-05-22 | CVE-2019-5627 | Insufficiently Protected Credentials vulnerability in Bluecats BC Reveal The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. | 7.8 |
| 2019-05-22 | CVE-2019-5626 | Insufficiently Protected Credentials vulnerability in Bluecats Reveal 3.0.18 The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in a clear text file. | 7.8 |
| 2019-05-22 | CVE-2019-5625 | Insufficiently Protected Credentials vulnerability in Eaton Halo Home 1.9.0 The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. | 7.1 |
| 2019-05-22 | CVE-2019-12046 | Insufficiently Protected Credentials vulnerability in multiple products LemonLDAP::NG -2.0.3 has Incorrect Access Control. | 9.8 |