Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,359 vulnerabilities with CWE-522

CVE-2023-33000 HIGH

Jenkins NS-ND Integration Performance Publisher Plugin <= 4.8.0.149 - Insufficiently Protected Credentials

CVE-2023-32988 MEDIUM

Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Credential ID Enumeration via Missing Permission Check

CVE-2023-20046 HIGH

Cisco StarOS Software - Privilege Escalation

CVE-2023-31136 LOW

PostgresNIO <1.14.2 - Info Disclosure

CVE-2023-28764 LOW

SAP BusinessObjects Platform - Info Disclosure

CVE-2023-24506 HIGH

Milesight NCR/camera <71.8.0.6-r5 - Info Disclosure

CVE-2023-25495 MEDIUM

Lenovo ThinkAgile Firmware - Authenticated LDAP Password Exposure via Web Interface API

CVE-2023-2335 MEDIUM

42gears SureLock <2.40.0 - Info Disclosure

CVE-2023-1778 CRITICAL

GajShield Data Security Firewall <4.28 - Privilege Escalation

CVE-2023-30846 CRITICAL

typed-rest-client < 1.8.0 - Credential Leak via Redirect Authorization Header

CVE-2023-26567 HIGH

Sangoma FreePBX <2302 - Info Disclosure

CVE-2023-28084 MEDIUM

HPE OneView < 6.60.04 and OneView Global Dashboard < 2.72 - Insufficiently Protected Credentials in Appliance Dumps

CVE-2023-28090 MEDIUM

HPE OneView < 6.60.04 and < 8.2 - Insufficiently Protected SNMPv3 Credentials

CVE-2023-28089 HIGH

HPE OneView < 6.60.04 and < 8.2 - Insufficiently Protected Credentials

CVE-2023-28088 HIGH

HPE OneView < 6.60.04 and < 8.2 - Insufficiently Protected Credentials

CVE-2023-28087 MEDIUM

HPE OneView < 6.60.04 and < 8.2 - Insufficiently Protected Credentials

CVE-2023-28086 MEDIUM

HPE OneView < 6.60.04 and < 8.2 - Insufficiently Protected Credentials

CVE-2023-30776 MEDIUM

Apache Superset 1.3.0-2.0.1 - Authenticated Database Password Exposure via REST API

CVE-2023-28131 CRITICAL

Expo SDK 45.0.0-47.9.9 - Unauthenticated Account Takeover via AuthSession Redirect Proxy

CVE-2023-25760 HIGH

Tripleplay < 3.4.0 - Authenticated Incorrect Access Control

CVE-2023-25413 HIGH

Aten PE8108 2.4.232 - Unauthenticated Credential Exposure via Telnet and SNMP

CVE-2023-25407 HIGH

Aten PE8108 2.4.232 - Insufficiently Protected Credentials

CVE-2023-1574 MEDIUM

Drevolutions Remote Desktop Manager <2023.1.9 - Info Disclosure

CVE-2023-1518 HIGH

CP Plus KVMS Pro <2.01.0.T.190521 - Info Disclosure

CVE-2023-1137 MEDIUM

InfraSuite Device Master < 1.0.5 - Insufficiently Protected Credentials

Previous Page 18 of 55 Next

Details

Vulnerabilities 1,359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy