Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-23 | CVE-2018-20384 | Insufficiently Protected Credentials vulnerability in Inovobb Ib-8120-W21 Firmware and Ib-8120-W21E1 Firmware iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | 9.8 |
| 2018-12-23 | CVE-2018-20383 | Insufficiently Protected Credentials vulnerability in multiple products ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | 9.8 |
| 2018-12-23 | CVE-2018-20382 | Insufficiently Protected Credentials vulnerability in Jezetek-Intl Bcm93383Wrg Firmware 3.0.7 Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | 9.8 |
| 2018-12-20 | CVE-2018-17245 | Insufficiently Protected Credentials vulnerability in Elastic Kibana Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authorization credentials are used when generating PDF reports. | 9.8 |
| 2018-12-20 | CVE-2018-1000851 | Insufficiently Protected Credentials vulnerability in Copay Bitcoin Wallet Copay Bitcoin Wallet version 5.01 to 5.1.0 included. | 9.8 |
| 2018-12-12 | CVE-2018-15717 | Insufficiently Protected Credentials vulnerability in Opendental Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes. | 5.3 |
| 2018-12-05 | CVE-2018-16791 | Insufficiently Protected Credentials vulnerability in Solarwinds Sftp/Scp Server 20180910 In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. | 9.8 |
| 2018-12-03 | CVE-2018-19795 | Insufficiently Protected Credentials vulnerability in Chipsbank Umptool ChipsBank UMPTool saves the password to the NAND with a simple substitution cipher, which allows attackers to get full access when having physical access to the device. | 6.8 |
| 2018-11-20 | CVE-2018-16223 | Insufficiently Protected Credentials vulnerability in Qbeecam 1.0.4/1.0.5 Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password. | 9.8 |
| 2018-11-20 | CVE-2018-16222 | Insufficiently Protected Credentials vulnerability in Ismartalarm Cleartext Storage of credentials in the iSmartAlarmData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password. | 6.8 |