Vulnerabilities > Insufficiently Protected Credentials

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-03	CVE-2018-4170	Insufficiently Protected Credentials vulnerability in Apple mac OS X An issue was discovered in certain Apple products. local low complexity apple CWE-522	7.8
2018-03-31	CVE-2018-9160	Insufficiently Protected Credentials vulnerability in Sickrage SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses. network low complexity sickrage CWE-522 critical	9.8
2018-03-30	CVE-2018-5708	Insufficiently Protected Credentials vulnerability in Dlink Dir-601 Firmware 2.02Na An issue was discovered on D-Link DIR-601 B1 2.02NA devices. low complexity dlink CWE-522	8.0
2018-03-29	CVE-2018-9031	Insufficiently Protected Credentials vulnerability in Tnlsoftsolutions Sentry Vision 3.0/3.1/3.2 The login interface on TNLSoftSolutions Sentry Vision 3.x devices provides password disclosure by reading an "if(pwd ==" line in the HTML source code. network low complexity tnlsoftsolutions CWE-522 critical	9.8
2018-03-28	CVE-2017-11510	Insufficiently Protected Credentials vulnerability in Wanscam Hw0021 Firmware 11.6.5.1.120161213 An information leak exists in Wanscam's HW0021 network camera that allows an unauthenticated remote attacker to recover the administrator username and password via an ONVIF GetSnapshotUri request. network low complexity wanscam CWE-522 critical	9.8
2018-03-13	CVE-2018-1000104	Insufficiently Protected Credentials vulnerability in Jenkins Coverity A plaintext storage of a password vulnerability exists in Jenkins Coverity Plugin 1.10.0 and earlier in CIMInstance.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser (e.g. local low complexity jenkins CWE-522	7.8
2018-03-05	CVE-2018-7698	Insufficiently Protected Credentials vulnerability in D-Link Mydlink+ 3.8.5 An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05.04 devices. network high complexity d-link CWE-522	8.1
2018-02-26	CVE-2018-1377	Insufficiently Protected Credentials vulnerability in IBM Security Guardium BIG Data Intelligence 3.1 IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in clear text which can be read by a local user. local low complexity ibm CWE-522	7.8
2018-02-15	CVE-2018-0828	Insufficiently Protected Credentials vulnerability in Microsoft Windows 10 and Windows Server 2016 Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability". local low complexity microsoft CWE-522	7.8
2018-02-12	CVE-2017-9969	Insufficiently Protected Credentials vulnerability in Schneider-Electric Igss Mobile 3.01 An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. local low complexity schneider-electric CWE-522	6.7