Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2022-31044 HIGH

Rundeck 4.2.0-4.2.1 - Insufficiently Protected Credentials via Key Storage Converter Plugin

CVE-2022-1342 MEDIUM

Devolutions Remote Desktop Manager < 2022.1.24 - Insufficiently Protected Credentials

CVE-2022-30231 MEDIUM

SICAM GridEdge (Classic) <V2.6.6 - Info Disclosure

CVE-2022-30587 HIGH

Gradle Enterprise < 2022.2.3 - Insufficiently Protected Credentials

CVE-2022-22396 HIGH

IBM Spectrum Protect Plus <10.1.9.3 - Info Disclosure

CVE-2022-29085 MEDIUM

Dell Unity <5.2.0.0.5.173 - Info Disclosure

CVE-2022-22557 HIGH

PowerStore <2.0.1.x - Info Disclosure

CVE-2022-27776 MEDIUM

curl < 7.83.0 - Credential Leak via HTTP Redirect to Different Port

CVE-2022-27774 MEDIUM

curl 4.9-7.82.0 - Credential Leak via HTTP Redirect

CVE-2022-22767 HIGH

BD Pyxis Products - Insufficiently Protected Credentials

CVE-2022-1413 MEDIUM

GitLab 1.0.2-14.8.5, 14.9.0-14.9.3, 14.10.0 - Insufficiently Protected Credentials via Integration Properties

CVE-2022-30018 HIGH

Mobotix Control Center < 2.5.4.5 - Insufficiently Protected Credentials via MxCC.ini Config File

CVE-2022-30952 MEDIUM

Jenkins Pipeline SCM API - Info Disclosure

CVE-2022-29588 HIGH

Konica Minolta bizhub MFP Firmware < 2022-04-14 - Insufficiently Protected Credentials

CVE-2022-28005 CRITICAL

3cx < 18.0.3.450 - Unauthenticated Path Traversal and Remote Code Execution via Electron Download Directory

CVE-2022-26856 HIGH

Dell EMC Repository Manager 3.4.0 - Info Disclosure

CVE-2022-24867 HIGH

GLPI < 10.0.0 - Unauthenticated LDAP Password Exposure via JavaScript Config

CVE-2022-27179 MEDIUM

Redlion DA50N Firmware - Insufficiently Protected Credentials

CVE-2022-29457 HIGH

Zohocorp ManageEngine ADAudit Plus - NTLM Hash Disclosure

CVE-2022-29052 MEDIUM

Jenkins Google Compute Engine Plugin <4.3.8 - Info Disclosure

CVE-2022-22550 MEDIUM

Dell PowerScale OneFS >=8.2.2 - Info Disclosure

CVE-2022-24978 HIGH

ManageEngine ADAudit Plus < 7055 - Authenticated Privilege Escalation via Cleartext Password Exposure

CVE-2022-28651 HIGH

JetBrains IntelliJ IDEA <2021.3.3 - Info Disclosure

CVE-2022-1026 HIGH

Kyocera Net Viewer < 2s0_1000.005.0012s5_2000.002.505 - Unprotected User Data Exposure via Address Book Export

CVE-2022-26948 MEDIUM

RSA Archer 6.1.0.0-6.9.1.0 - Insecure Credential Storage in RSS Feed Integration

Previous Page 24 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy