Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-06 | CVE-2017-7933 | Insufficiently Protected Credentials vulnerability in ABB IP Gateway Firmware 3.39 In ABB IP GATEWAY 3.39 and prior, some configuration files contain passwords stored in plain-text, which may allow an attacker to gain unauthorized access. | 9.8 |
| 2018-05-29 | CVE-2018-11544 | Insufficiently Protected Credentials vulnerability in Theolivetree FTP Server 1.32 The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a username and password are stored in the /data/data/com.theolivetree.ftpserver/shared_prefs/com.theolivetree.ftpserver_preferences.xml file as the prefUsername and prefUserpass strings. | 9.8 |
| 2018-05-24 | CVE-2018-7518 | Insufficiently Protected Credentials vulnerability in Beaconmedaes Scroll Medical AIR Systems Firmware In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner. | 9.8 |
| 2018-05-23 | CVE-2018-10355 | Insufficiently Protected Credentials vulnerability in Trendmicro Email Encryption Gateway 5.5 An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to recover user passwords on vulnerable installations due to a flaw in the DBCrypto class. | 7.0 |
| 2018-05-18 | CVE-2017-9637 | Insufficiently Protected Credentials vulnerability in Schneider-Electric Ampla Manufacturing Execution System 6.4 Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. | 4.1 |
| 2018-05-17 | CVE-2018-10327 | Insufficiently Protected Credentials vulnerability in Printeron 4.1.3 PrinterOn Enterprise 4.1.3 stores the Active Directory bind credentials using base64 encoding, which allows local users to obtain credentials for a domain user by reading the cps_config.xml file. | 7.0 |
| 2018-05-14 | CVE-2017-12127 | Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1 A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. | 4.4 |
| 2018-05-14 | CVE-2017-12123 | Insufficiently Protected Credentials vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317. | 8.8 |
| 2018-05-11 | CVE-2018-6618 | Insufficiently Protected Credentials vulnerability in Ehcp Easy Hosting Control Panel 0.37.12.B Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtain sensitive information by leveraging cleartext password storage. | 7.8 |
| 2018-05-04 | CVE-2018-5446 | Insufficiently Protected Credentials vulnerability in Medtronic 2090 Carelink Programmer Firmware All versions of the Medtronic 2090 Carelink Programmer are affected by a per-product username and password that is stored in a recoverable format which could allow an attacker with physical access to a 2090 Programmer to obtain per-product credentials to the software deployment network. | 5.3 |