Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,359 vulnerabilities with CWE-522

CVE-2023-50291 HIGH

Apache Solr 6.0.0-8.11.2 and 9.0.0-9.2.9 - Authenticated Credential Exposure via /admin/info/properties Endpoint

CVE-2023-29055 HIGH

Apache Kylin <4.0.3 - Info Disclosure

CVE-2023-6573 MEDIUM

HPE OneView < 8.70 - Insufficiently Protected Credentials during Restore

CVE-2023-49106 MEDIUM

Hitachi Device Manager <8.8.5-04 - Info Disclosure

CVE-2023-50125 MEDIUM

Hozard Alarm System v1.0 - Unauthenticated Default Credential Exposure

CVE-2023-29447 MEDIUM

PTC Kepware Kepserverex - Insufficiently Protected Credentials

CVE-2023-6421 HIGH

WordPress Download Mgr <3.2.83 - Info Disclosure

CVE-2023-47741 MEDIUM

IBM i 7.3-7.5 and Db2 Mirror for i 7.4-7.5 - Insufficiently Protected Credentials in Web Browser Client

CVE-2023-6791 MEDIUM

Palo Alto Networks PAN-OS - Info Disclosure

CVE-2023-50770 MEDIUM

Jenkins OpenId Connect Authentication Plugin < 2.6 - Insufficiently Protected Credentials

CVE-2023-47577 CRITICAL

Relyum RELY-PCIe and RELY-REC - Unauthenticated Password Change

CVE-2023-47722 MEDIUM

IBM API Connect V10.0.5.3 and V10.0.6.0 - Insufficiently Protected Credentials

CVE-2023-32268 HIGH

Micro Focus Filr < 23.2.1 - Authenticated Proxy Administrator Credential Exposure

CVE-2023-49280 HIGH

XWiki Change Request < 1.10 - Authenticated Password Hash Exposure via Change Request Export

CVE-2023-24047 MEDIUM

Connectize AC21000 G6 <641.139.1 - Privilege Escalation

CVE-2023-44300 MEDIUM

Dell DM5500 5.14.0.0 - Info Disclosure

CVE-2023-49653 MEDIUM

Jenkins Jira Plugin < 3.11 - Insufficiently Protected Credentials

CVE-2023-6254 HIGH

OTRS 8.0.1-8.0.37 - Insufficiently Protected Credentials via AgentInterface and ExternalInterface

CVE-2023-44303 HIGH

RVTools 3.9.2-4.5.0 - Unauthenticated Sensitive Data Exposure in Password Encryption Utility

CVE-2023-41676 MEDIUM

FortiSIEM < 6.7.5 and 7.0.0 - Unauthenticated Sensitive Information Exposure via Windows Agent Logs

CVE-2023-26221 MEDIUM

TIBCO Spotfire Analyst 12.3.0, 12.4.0, 12.5.0 - Insufficiently Protected Credentials via Crafted Analyst Files

CVE-2023-38548 MEDIUM

Veeam ONE - Unprotected Credential Exposure via Web Client

CVE-2023-38328 MEDIUM

eGroupWare 17.1.20190111 - Info Disclosure

CVE-2023-43905 HIGH

writercms 1.1.0 - Insufficiently Protected Credentials

CVE-2023-46651 MEDIUM

Jenkins Warnings Plugin <10.5.0 - Info Disclosure

Previous Page 15 of 55 Next

Details

Vulnerabilities 1,359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy