Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-13 | CVE-2017-14711 | Insufficiently Protected Credentials vulnerability in Kickbase Bundesliga Manager The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga-manager/id678241305 -- for iOS is vulnerable to a credentials leak due to transmitting a username and password in cleartext from client to server during registration and authentication. | 4.3 |
| 2017-11-01 | CVE-2017-15918 | Insufficiently Protected Credentials vulnerability in Ignitum Sera 1.2 Sera 1.2 stores the user's login password in plain text in their home directory. | 2.1 |
| 2017-11-01 | CVE-2017-1000245 | Insufficiently Protected Credentials vulnerability in Jenkins SSH The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. | 5.0 |
| 2017-10-11 | CVE-2017-5700 | Insufficiently Protected Credentials vulnerability in Intel products Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage. | 7.2 |
| 2017-10-05 | CVE-2017-13998 | Insufficiently Protected Credentials vulnerability in Loytec Lvis-3Me Firmware An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. | 6.0 |
| 2017-10-05 | CVE-2017-1378 | Insufficiently Protected Credentials vulnerability in IBM Tivoli Storage Manager IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. | 2.1 |
| 2017-10-05 | CVE-2017-1201 | Insufficiently Protected Credentials vulnerability in IBM Bigfix Security Compliance Analytics 1.9.79 IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. | 2.1 |
| 2017-09-25 | CVE-2017-1362 | Insufficiently Protected Credentials vulnerability in IBM Security Identity Manager 6.0/7.0 IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. | 2.1 |
| 2017-09-13 | CVE-2017-14418 | Insufficiently Protected Credentials vulnerability in Dlink Dir-850L Firmware The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. | 8.1 |
| 2017-09-07 | CVE-2017-13771 | Insufficiently Protected Credentials vulnerability in Lexmark Scan TO Network 3.2.9 Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to (1) cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or (2) cgi-bin/direct/printer/prtappauth/apps/ImportExportServlet. | 5.0 |