Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,358 vulnerabilities with CWE-522

CVE-2024-51240 HIGH

OpenWRT Luci LTS - Privilege Escalation

CVE-2024-34885 MEDIUM

Bitrix24 23.300.100 - Insufficiently Protected Credentials in SMTP Server Settings

CVE-2024-34887 MEDIUM

Bitrix24 23.300.100 - Insufficiently Protected Credentials in AD/LDAP Server Settings

CVE-2024-34883 MEDIUM

Bitrix24 23.300.100 - Insufficiently Protected Credentials in DAV Server Settings

CVE-2024-34882 MEDIUM

Bitrix24 23.300.100 - Insufficiently Protected Credentials in SMTP Server Settings

CVE-2024-43812 HIGH

Kieback & Peter's DDC4000 - Info Disclosure

CVE-2024-9677 MEDIUM

Zyxel uOS < 1.30 - Authenticated Privilege Escalation via CLI Token Theft

CVE-2024-44000 CRITICAL

LiteSpeed Cache < 6.5.0.1 - Unauthenticated Authentication Bypass via Insufficiently Protected Credentials

CVE-2024-7755 HIGH

HMS Networks EWON FLEXY 202 >=14.2s0 <14.2s0 - Insufficiently Protected Credentials via Base64 Encoding

CVE-2024-49396 HIGH

Elvaco M-Bus Metering Gateway CMe3100 - Insufficiently Protected Credentials

CVE-2024-20462 MEDIUM

Cisco ATA 190 Series - Info Disclosure

CVE-2024-47161 MEDIUM

JetBrains TeamCity <2024.07.3 - Info Disclosure

CVE-2024-47805 HIGH

Jenkins Credentials Plugin <1380.va - Info Disclosure

CVE-2024-37187 MEDIUM

Advantech ADAM-5550 Firmware - Insufficiently Protected Credentials via Base64 Encoding

CVE-2024-34542 MEDIUM

Advantech ADAM-5630 - Info Disclosure

CVE-2024-45744 LOW

TopQuadrant TopBraid EDG <7.1.3 - Info Disclosure

CVE-2024-31899 MEDIUM

IBM Cognos Command Center <10.2.5 - Info Disclosure

CVE-2024-9014 CRITICAL

pgAdmin < 8.12 - OAuth2 Credential Exposure

CVE-2024-40703 MEDIUM

IBM Cognos Analytics <12.0.3 - Info Disclosure

CVE-2024-47162 MEDIUM

JetBrains YouTrack <2024.3.44799 - Info Disclosure

CVE-2024-8986 CRITICAL

Grafana Plugin SDK < 0.250.0 - Insufficiently Protected Credentials via Git Repository URI

CVE-2024-8777 HIGH

syscomgo omflow 1.1.6.0-1.2.1.2 - Unauthenticated Information Leakage via LDAP Configuration

CVE-2024-31415 MEDIUM

Eaton Foreseer Electrical Power Monitoring System < 7.8.600 - Insufficiently Protected Credentials

CVE-2024-28981 HIGH

Hitachi Vantara Pentaho Data Integration & Analytics <10.1.0.0, <9....

CVE-2024-20489 HIGH

Cisco IOS XR - Authenticated MongoDB Credential Exposure via PON Controller Configuration File

Previous Page 11 of 55 Next

Details

Vulnerabilities 1,358

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy