Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-30 | CVE-2019-10318 | Insufficiently Protected Credentials vulnerability in Jenkins Azure AD Jenkins Azure AD Plugin 0.3.3 and earlier stored the client secret unencrypted in the global config.xml configuration file on the Jenkins master where it could be viewed by users with access to the master file system. | 8.8 |
| 2019-04-30 | CVE-2019-10316 | Insufficiently Protected Credentials vulnerability in Jenkins Aqua Microscanner Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
| 2019-04-30 | CVE-2019-10313 | Insufficiently Protected Credentials vulnerability in Jenkins Twitter Jenkins Twitter Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
| 2019-04-24 | CVE-2019-10239 | Insufficiently Protected Credentials vulnerability in Robotronic Runasspc 3.7.0.0 Robotronic RunAsSpc 3.7.0.0 protects stored credentials insufficiently, which allows locally authenticated attackers (under the same user context) to obtain cleartext credentials of the stored account. | 7.8 |
| 2019-04-22 | CVE-2019-11402 | Insufficiently Protected Credentials vulnerability in Gradle Enterprise In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format. | 9.8 |
| 2019-04-19 | CVE-2019-11350 | Insufficiently Protected Credentials vulnerability in Cloudbees Jenkins Operations Center 2.150.2.3 CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows Cleartext Password Storage and Retrieval via the proxy configuration page. | 9.8 |
| 2019-04-18 | CVE-2019-10303 | Insufficiently Protected Credentials vulnerability in Jenkins Azure Publishersettings Credentials 1.0/1.1/1.2 Jenkins Azure PublisherSettings Credentials Plugin 1.2 and earlier stored credentials unencrypted in the credentials.xml file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
| 2019-04-18 | CVE-2019-10302 | Insufficiently Protected Credentials vulnerability in Jenkins Jira-Ext Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
| 2019-04-15 | CVE-2019-6609 | Insufficiently Protected Credentials vulnerability in F5 products Platform dependent weakness. | 9.8 |
| 2019-04-10 | CVE-2019-0035 | Insufficiently Protected Credentials vulnerability in Juniper Junos When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. | 6.8 |