Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-06 | CVE-2017-1411 | Insufficiently Protected Credentials vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |
| 2018-08-01 | CVE-2018-11050 | Insufficiently Protected Credentials vulnerability in Dell EMC Networker Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. | 8.8 |
| 2018-07-31 | CVE-2018-5543 | Insufficiently Protected Credentials vulnerability in F5 Big-Ip Controller The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container. | 8.8 |
| 2018-07-24 | CVE-2018-8851 | Insufficiently Protected Credentials vulnerability in Echelon products Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. | 9.8 |
| 2018-07-10 | CVE-2017-5704 | Insufficiently Protected Credentials vulnerability in Intel Core I3 Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges. | 6.7 |
| 2018-07-09 | CVE-2018-1000404 | Insufficiently Protected Credentials vulnerability in Jenkins AWS Codebuild Jenkins project Jenkins AWS CodeBuild Plugin version 0.26 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSClientFactory.java, CodeBuilder.java that can result in Credentials Disclosure. | 7.8 |
| 2018-07-09 | CVE-2018-1000403 | Insufficiently Protected Credentials vulnerability in Jenkins AWS Codedeploy Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodeDeployPublisher.java that can result in Credentials Disclosure. | 7.8 |
| 2018-07-09 | CVE-2018-1000401 | Insufficiently Protected Credentials vulnerability in Jenkins AWS Codepipeline Jenkins project Jenkins AWS CodePipeline Plugin version 0.36 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodePipelineSCM.java that can result in Credentials Disclosure. | 7.8 |
| 2018-07-06 | CVE-2017-2665 | Insufficiently Protected Credentials vulnerability in multiple products The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. | 7.0 |
| 2018-07-03 | CVE-2018-11639 | Insufficiently Protected Credentials vulnerability in Dialogic Powermedia XMS 3.5 Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user's password in cleartext. | 8.1 |