Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-02 | CVE-2018-1498 | Insufficiently Protected Credentials vulnerability in IBM Security Guardium 10.5 IBM Security Guardium EcoSystem 10.5 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |
| 2018-09-28 | CVE-2018-17613 | Insufficiently Protected Credentials vulnerability in Telegram Desktop 1.3.16 Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and application data in cleartext over the SOCKS5 protocol. | 9.8 |
| 2018-09-18 | CVE-2018-16669 | Insufficiently Protected Credentials vulnerability in Circontrol Open Charge Point Protocol 1.0.0 An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products. | 9.8 |
| 2018-09-14 | CVE-2018-10814 | Insufficiently Protected Credentials vulnerability in Synametrics Synaman 4.0 Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials. | 7.8 |
| 2018-09-13 | CVE-2018-16987 | Insufficiently Protected Credentials vulnerability in Squashtest Squash TM Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code. | 7.2 |
| 2018-09-07 | CVE-2017-17691 | Insufficiently Protected Credentials vulnerability in Contronics Homeputer CL Studio FUR Homematic Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the username and password between server and client instances, which allows remote attackers to obtain sensitive information via a man in the middle attack. | 8.1 |
| 2018-09-06 | CVE-2017-16714 | Insufficiently Protected Credentials vulnerability in Iceqube Thermal Management Center Firmware 3.18 In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication. | 9.8 |
| 2018-08-30 | CVE-2018-13822 | Insufficiently Protected Credentials vulnerability in Broadcom Project Portfolio Management Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information. | 7.5 |
| 2018-08-22 | CVE-2018-1139 | Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. | 8.1 |
| 2018-08-10 | CVE-2018-10622 | Insufficiently Protected Credentials vulnerability in Medtronic products A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. | 7.1 |