Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-13 | CVE-2018-1000104 | Insufficiently Protected Credentials vulnerability in Jenkins Coverity A plaintext storage of a password vulnerability exists in Jenkins Coverity Plugin 1.10.0 and earlier in CIMInstance.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser (e.g. | 7.8 |
| 2018-03-05 | CVE-2018-7698 | Insufficiently Protected Credentials vulnerability in D-Link Mydlink+ 3.8.5 An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05.04 devices. | 8.1 |
| 2018-02-26 | CVE-2018-1377 | Insufficiently Protected Credentials vulnerability in IBM Security Guardium BIG Data Intelligence 3.1 IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |
| 2018-02-15 | CVE-2018-0828 | Insufficiently Protected Credentials vulnerability in Microsoft Windows 10 and Windows Server 2016 Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability". | 7.8 |
| 2018-02-12 | CVE-2017-9969 | Insufficiently Protected Credentials vulnerability in Schneider-Electric Igss Mobile 3.01 An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. | 6.7 |
| 2018-02-09 | CVE-2018-1000057 | Insufficiently Protected Credentials vulnerability in Jenkins Credentials Binding Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. | 4.3 |
| 2018-01-31 | CVE-2017-15656 | Insufficiently Protected Credentials vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743 Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt. | 8.8 |
| 2018-01-29 | CVE-2017-1779 | Insufficiently Protected Credentials vulnerability in multiple products IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. | 7.8 |
| 2018-01-26 | CVE-2017-1000387 | Insufficiently Protected Credentials vulnerability in Jenkins Build-Publisher Jenkins Build-Publisher plugin version 1.21 and earlier stores credentials to other Jenkins instances in the file hudson.plugins.build_publisher.BuildPublisher.xml in the Jenkins master home directory. | 7.8 |
| 2017-12-20 | CVE-2017-16731 | Insufficiently Protected Credentials vulnerability in Hitachienergy Ellipse 8.3.0/8.9.0 An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). | 8.8 |