Vulnerabilities > Insufficiently Protected Credentials
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-09 | CVE-2019-11820 | Insufficiently Protected Credentials vulnerability in Synology Calendar Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentials via cmdline. | 2.1 |
2019-04-30 | CVE-2019-10318 | Insufficiently Protected Credentials vulnerability in Jenkins Azure AD Jenkins Azure AD Plugin 0.3.3 and earlier stored the client secret unencrypted in the global config.xml configuration file on the Jenkins master where it could be viewed by users with access to the master file system. | 8.8 |
2019-04-30 | CVE-2019-10316 | Insufficiently Protected Credentials vulnerability in Jenkins Aqua Microscanner Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
2019-04-30 | CVE-2019-10313 | Insufficiently Protected Credentials vulnerability in Jenkins Twitter Jenkins Twitter Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
2019-04-22 | CVE-2019-11402 | Insufficiently Protected Credentials vulnerability in Gradle Enterprise In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format. | 9.8 |
2019-04-19 | CVE-2019-11350 | Insufficiently Protected Credentials vulnerability in Cloudbees Jenkins Operations Center 2.150.2.3 CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows Cleartext Password Storage and Retrieval via the proxy configuration page. | 5.0 |
2019-04-18 | CVE-2019-10303 | Insufficiently Protected Credentials vulnerability in Jenkins Azure Publishersettings Credentials 1.0/1.1/1.2 Jenkins Azure PublisherSettings Credentials Plugin 1.2 and earlier stored credentials unencrypted in the credentials.xml file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
2019-04-18 | CVE-2019-10302 | Insufficiently Protected Credentials vulnerability in Jenkins Jira-Ext Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
2019-04-15 | CVE-2019-6609 | Insufficiently Protected Credentials vulnerability in F5 products Platform dependent weakness. | 5.0 |
2019-04-10 | CVE-2019-0035 | Insufficiently Protected Credentials vulnerability in Juniper Junos 15.1/15.1X49/15.1X53 When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. | 7.2 |