Vulnerabilities > Insufficiently Protected Credentials
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-11 | CVE-2017-5700 | Insufficiently Protected Credentials vulnerability in Intel products Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage. | 8.4 |
2017-10-05 | CVE-2017-13998 | Insufficiently Protected Credentials vulnerability in Loytec Lvis-3Me Firmware 6.1.1 An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. | 7.5 |
2017-10-05 | CVE-2017-1378 | Insufficiently Protected Credentials vulnerability in IBM Tivoli Storage Manager IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. | 7.8 |
2017-10-05 | CVE-2017-1201 | Insufficiently Protected Credentials vulnerability in IBM Bigfix Security Compliance Analytics 1.9.79 IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. | 7.8 |
2017-09-25 | CVE-2017-1362 | Insufficiently Protected Credentials vulnerability in IBM Security Identity Manager 6.0/7.0 IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |
2017-09-13 | CVE-2017-14418 | Insufficiently Protected Credentials vulnerability in Dlink Dir-850L Firmware The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. | 8.1 |
2017-09-07 | CVE-2017-13771 | Insufficiently Protected Credentials vulnerability in Lexmark Scan to Network 3.2.9 Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to (1) cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or (2) cgi-bin/direct/printer/prtappauth/apps/ImportExportServlet. | 9.8 |
2017-08-01 | CVE-2017-4923 | Insufficiently Protected Credentials vulnerability in VMWare Vcenter Server 6.5 VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability. | 9.8 |
2017-07-20 | CVE-2017-6532 | Insufficiently Protected Credentials vulnerability in Televes Coaxdata Gateway 1Gbps Firmware 1.02.00144.20 Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 have cleartext credentials in /mib.db. | 9.8 |
2017-07-17 | CVE-2017-11349 | Insufficiently Protected Credentials vulnerability in Datataker Dt8X Firmware 1.72.007 dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data. | 9.8 |