Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-07 | CVE-2017-17691 | Insufficiently Protected Credentials vulnerability in Contronics Homeputer CL Studio FUR Homematic Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the username and password between server and client instances, which allows remote attackers to obtain sensitive information via a man in the middle attack. | 8.1 |
| 2018-09-06 | CVE-2017-16714 | Insufficiently Protected Credentials vulnerability in Iceqube Thermal Management Center Firmware 3.18 In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication. | 9.8 |
| 2018-08-30 | CVE-2018-13822 | Insufficiently Protected Credentials vulnerability in Broadcom Project Portfolio Management Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information. | 7.5 |
| 2018-08-22 | CVE-2018-1139 | Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. | 8.1 |
| 2018-08-10 | CVE-2018-10622 | Insufficiently Protected Credentials vulnerability in Medtronic products A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. | 7.1 |
| 2018-08-06 | CVE-2017-1411 | Insufficiently Protected Credentials vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |
| 2018-08-01 | CVE-2018-11050 | Insufficiently Protected Credentials vulnerability in Dell EMC Networker Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. | 8.8 |
| 2018-07-31 | CVE-2018-5543 | Insufficiently Protected Credentials vulnerability in F5 Big-Ip Controller The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container. | 8.8 |
| 2018-07-24 | CVE-2018-8851 | Insufficiently Protected Credentials vulnerability in Echelon products Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. | 9.8 |
| 2018-07-10 | CVE-2017-5704 | Insufficiently Protected Credentials vulnerability in Intel Core I3 Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges. | 6.7 |