Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-17 | CVE-2018-10327 | Insufficiently Protected Credentials vulnerability in Printeron 4.1.3 PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding, which allows local users to obtain credentials for a domain user by reading the cps_config.xml file. | 7.0 |
| 2018-05-14 | CVE-2017-12127 | Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1 A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. | 4.4 |
| 2018-05-14 | CVE-2017-12123 | Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317. | 8.8 |
| 2018-05-11 | CVE-2018-6618 | Insufficiently Protected Credentials vulnerability in Ehcp Easy Hosting Control Panel 0.37.12.B Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtain sensitive information by leveraging cleartext password storage. | 7.8 |
| 2018-05-04 | CVE-2018-5446 | Insufficiently Protected Credentials vulnerability in Medtronic 2090 Carelink Programmer Firmware All versions of the Medtronic 2090 Carelink Programmer are affected by a per-product username and password that is stored in a recoverable format which could allow an attacker with physical access to a 2090 Programmer to obtain per-product credentials to the software deployment network. | 5.3 |
| 2018-04-26 | CVE-2018-1074 | Insufficiently Protected Credentials vulnerability in multiple products ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. | 7.2 |
| 2018-04-24 | CVE-2017-9654 | Insufficiently Protected Credentials vulnerability in Philips Dosewise 1.1.7.333/2.1.1.3069 The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. | 8.8 |
| 2018-04-23 | CVE-2017-1764 | Insufficiently Protected Credentials vulnerability in IBM Cognos Business Intelligence IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized circumstances, could expose plain text credentials to a local user. | 7.0 |
| 2018-04-22 | CVE-2018-10286 | Insufficiently Protected Credentials vulnerability in Ericssonlg Ipecs NMS A.1Ac The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via the responses to certain HTTP POST requests. | 8.8 |
| 2018-04-11 | CVE-2018-10024 | Insufficiently Protected Credentials vulnerability in Ubiquoss Vp5208A Firmware ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in cleartext when a failed login attempt occurs. | 9.8 |