Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-19 | CVE-2019-11350 | Insufficiently Protected Credentials vulnerability in Cloudbees Jenkins Operations Center 2.150.2.3 CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows Cleartext Password Storage and Retrieval via the proxy configuration page. | 9.8 |
| 2019-04-18 | CVE-2019-10303 | Insufficiently Protected Credentials vulnerability in Jenkins Azure Publishersettings Credentials 1.0/1.1/1.2 Jenkins Azure PublisherSettings Credentials Plugin 1.2 and earlier stored credentials unencrypted in the credentials.xml file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
| 2019-04-18 | CVE-2019-10302 | Insufficiently Protected Credentials vulnerability in Jenkins Jira-Ext Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
| 2019-04-15 | CVE-2019-6609 | Insufficiently Protected Credentials vulnerability in F5 products Platform dependent weakness. | 9.8 |
| 2019-04-10 | CVE-2019-0035 | Insufficiently Protected Credentials vulnerability in Juniper Junos When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. | 6.8 |
| 2019-04-10 | CVE-2019-0032 | Insufficiently Protected Credentials vulnerability in Juniper Service Insight and Service NOW A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. | 7.8 |
| 2019-04-09 | CVE-2019-5615 | Insufficiently Protected Credentials vulnerability in Rapid7 Insightvm Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. | 6.5 |
| 2019-04-09 | CVE-2019-10630 | Insufficiently Protected Credentials vulnerability in Zyxel Nas326 Firmware 5.21 A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device. | 8.8 |
| 2019-04-04 | CVE-2019-10299 | Insufficiently Protected Credentials vulnerability in Jenkins Cloudcoreo Deploytime Jenkins CloudCoreo DeployTime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
| 2019-04-04 | CVE-2019-10298 | Insufficiently Protected Credentials vulnerability in Jenkins Koji Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |