Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-19 | CVE-2017-17106 | Insufficiently Protected Credentials vulnerability in Zivif Pr115-204-P-Rs Firmware 2.3.4.2103 Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated remote attacker using a standard web /cgi-bin/hi3510/param.cgi?cmd=getuser HTTP request. | 9.8 |
| 2017-12-16 | CVE-2017-3192 | Insufficiently Protected Credentials vulnerability in D-Link Dir-130 Firmware and Dir-330 Firmware D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. | 9.8 |
| 2017-11-17 | CVE-2017-14111 | Insufficiently Protected Credentials vulnerability in Philips Intellispace Cardiovascular and Xcelera The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the application, or other user entitlements. | 7.2 |
| 2017-11-15 | CVE-2017-15272 | Insufficiently Protected Credentials vulnerability in Psftp Psftpd 10.0.4 The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. | 5.3 |
| 2017-11-13 | CVE-2017-14711 | Insufficiently Protected Credentials vulnerability in Kickbase Bundesliga Manager The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga-manager/id678241305 -- for iOS is vulnerable to a credentials leak due to transmitting a username and password in cleartext from client to server during registration and authentication. | 8.1 |
| 2017-11-01 | CVE-2017-15918 | Insufficiently Protected Credentials vulnerability in Ignitum Sera 1.2 Sera 1.2 stores the user's login password in plain text in their home directory. | 7.8 |
| 2017-11-01 | CVE-2017-1000245 | Insufficiently Protected Credentials vulnerability in Jenkins SSH The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. | 9.8 |
| 2017-10-17 | CVE-2017-3760 | Insufficiently Protected Credentials vulnerability in Lenovo Service Framework The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. | 8.1 |
| 2017-10-11 | CVE-2017-5700 | Insufficiently Protected Credentials vulnerability in Intel products Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator and User passwords via access to password storage. | 8.4 |
| 2017-10-05 | CVE-2017-13998 | Insufficiently Protected Credentials vulnerability in Loytec Lvis-3Me Firmware 6.1.1 An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. | 7.5 |