Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-10 | CVE-2019-0032 | Insufficiently Protected Credentials vulnerability in Juniper Service Insight and Service NOW A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. | 7.8 |
| 2019-04-09 | CVE-2019-5615 | Insufficiently Protected Credentials vulnerability in Rapid7 Insightvm Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. | 6.5 |
| 2019-04-09 | CVE-2019-10630 | Insufficiently Protected Credentials vulnerability in Zyxel Nas326 Firmware 5.21 A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 allows an elevated privileged user to get the admin password of the device. | 8.8 |
| 2019-04-04 | CVE-2019-10299 | Insufficiently Protected Credentials vulnerability in Jenkins Cloudcoreo Deploytime Jenkins CloudCoreo DeployTime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
| 2019-04-04 | CVE-2019-10298 | Insufficiently Protected Credentials vulnerability in Jenkins Koji Jenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
| 2019-04-04 | CVE-2019-10297 | Insufficiently Protected Credentials vulnerability in Jenkins Sametime Jenkins Sametime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
| 2019-04-04 | CVE-2019-10296 | Insufficiently Protected Credentials vulnerability in Jenkins Serena SRA Deploy Jenkins Serena SRA Deploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
| 2019-04-04 | CVE-2019-10295 | Insufficiently Protected Credentials vulnerability in Jenkins Crittercism-Dsym Jenkins crittercism-dsym Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 8.8 |
| 2019-04-04 | CVE-2019-10294 | Insufficiently Protected Credentials vulnerability in Jenkins Kmap Jenkins Kmap Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 8.8 |
| 2019-04-04 | CVE-2019-10291 | Insufficiently Protected Credentials vulnerability in Jenkins Netsparker Cloud Scan Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |