Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2022-46155 HIGH

Airtable.js <0.11.6 - Info Disclosure

CVE-2022-41732 MEDIUM

IBM Maximo Mobile <8.9 - Info Disclosure

CVE-2022-29833 MEDIUM

Mitsubishi Electric GX Works3 1.015R-1.086Q - Unauthenticated Sensitive Information Disclosure

CVE-2022-41933 MEDIUM

XWiki 13.1-13.10.8 - Plaintext Password Storage in Forgot Password Feature

CVE-2022-40751 MEDIUM

IBM UrbanCode Deploy Credential Exposure via LDAP Search

CVE-2022-45392 MEDIUM

Jenkins NS-ND Integration Performance Publisher < 4.8.0.146 - Insufficiently Protected Credentials in Job Config Files

CVE-2022-45384 MEDIUM

Jenkins Reverse Proxy Auth Plugin <= 1.7.3 - Insufficiently Protected Credentials in LDAP Manager Password Storage

CVE-2022-37109 CRITICAL

camp_project camp < 2022-07-21 - Insufficiently Protected Credentials via StaticFileHandler

CVE-2022-26341 HIGH

Intel(R) AMT SDK <16.0.4.1 - Privilege Escalation

CVE-2022-38121 MEDIUM

UPSMON PRO - Insufficiently Protected Credentials in Configuration File

CVE-2022-36077 HIGH

Electron <21.0.0-beta.1-18.3.7 - Info Disclosure

CVE-2022-3781 MEDIUM

Devolutions Server < 2022.3.2 and Remote Desktop Manager < 2022.2.27 - Insufficiently Protected Credentials

CVE-2022-3474 MEDIUM

Bazel 3.1.0-4.2.2 - Insufficiently Protected Credentials in Remote Assets API

CVE-2022-3644 MEDIUM

pulp_ansible - Insufficiently Protected Credentials via Plaintext Token Storage

CVE-2022-41575 HIGH

Gradle Enterprise <2022.3.3 - Info Disclosure

CVE-2022-43419 MEDIUM

Jenkins Katalon Plugin <1.0.32 - Info Disclosure

CVE-2022-22251 HIGH

Juniper Networks Junos OS <21.2R1 - Privilege Escalation

CVE-2022-28291 MEDIUM

Nessus - Authenticated Cleartext Credential Exposure via Process Dumping

CVE-2022-3206 MEDIUM

Passster WP <3.5.5.5.2 - Info Disclosure

CVE-2022-31130 MEDIUM

Grafana <9.1.8 & <8.5.14 - Info Disclosure

CVE-2022-38465 CRITICAL

SIMATIC Drive Controller <V2.9.2, SIMATIC ET 200SP Open Controller ...

CVE-2022-39168 HIGH

IBM Robotic Process Automation - Credential Exposure in Upgrade Logs

CVE-2022-29089 MEDIUM

Dell Networking OS10 - Info Disclosure

CVE-2022-37193 HIGH

Chipolo ONE Bluetooth Tracker - Insufficiently Protected Credentials

CVE-2022-41255 MEDIUM

Jenkins CONS3RT Plugin <1.0.0 - Info Disclosure

Previous Page 21 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy