Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-12 | CVE-2017-1231 | Insufficiently Protected Credentials vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |
| 2018-10-10 | CVE-2018-13789 | Insufficiently Protected Credentials vulnerability in Descor Infocad FM An issue was discovered in Descor Infocad FM before 3.1.0.0. | 7.5 |
| 2018-10-09 | CVE-2018-18074 | Insufficiently Protected Credentials vulnerability in multiple products The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | 7.5 |
| 2018-10-09 | CVE-2018-14081 | Insufficiently Protected Credentials vulnerability in D-Link products An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. | 9.8 |
| 2018-10-04 | CVE-2018-17871 | Insufficiently Protected Credentials vulnerability in Verint Verba Collaboration Compliance and Quality Management Platform Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect Access Control. | 6.5 |
| 2018-10-03 | CVE-2017-2751 | Insufficiently Protected Credentials vulnerability in HP products A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. | 4.6 |
| 2018-10-03 | CVE-2018-17969 | Insufficiently Protected Credentials vulnerability in Samsung Scx-6545X Firmware 2.00.03.01 Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests. | 9.8 |
| 2018-10-02 | CVE-2018-11752 | Insufficiently Protected Credentials vulnerability in Puppet Cisco IOS 0.1.0/0.2.0/0.3.0 Previous releases of the Puppet cisco_ios module output SSH session debug information including login credentials to a world readable file on every run. | 5.5 |
| 2018-10-02 | CVE-2018-11748 | Insufficiently Protected Credentials vulnerability in Puppet Device Manager Previous releases of the Puppet device_manager module creates configuration files containing credentials that are world readable. | 7.8 |
| 2018-10-02 | CVE-2018-16984 | Insufficiently Protected Credentials vulnerability in Djangoproject Django 2.1/2.1.1 An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. | 4.9 |