Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2022-28141 MEDIUM

Jenkins Proxmox Plugin < 0.5.0 - Insufficiently Protected Credentials

CVE-2022-28135 MEDIUM

Jenkins instant-messaging Plugin < 1.42 - Insufficiently Protected Credentials

CVE-2022-0738 MEDIUM

GitLab <14.6.5-14.8.2 - Info Disclosure

CVE-2022-0862 LOW

McAfee ePolicy Orchestrator < 5.10.0 - Unauthenticated Password Change via Deprecated API

CVE-2022-0859 MEDIUM

McAfee ePolicy Orchestrator < 5.10 Update 13 - Authenticated SQL Server Redirection via Server Restoration

CVE-2022-27218 MEDIUM

Jenkins incapptic connect uploader < 1.15 - Insufficiently Protected Credentials in job config.xml

CVE-2022-27217 MEDIUM

Jenkins Vmware vRealize CodeStream < 1.2 - Insufficiently Protected Credentials in Job Config Files

CVE-2022-27216 MEDIUM

Jenkins dbCharts Plugin <= 0.5.2 - Insufficiently Protected Credentials

CVE-2022-27206 MEDIUM

Jenkins GitLab Authentication Plugin <= 1.13 - Insufficiently Protected Credentials

CVE-2022-22908 MEDIUM

Sangfor VDI Client 5.4.2.1006 - Insufficiently Protected Credentials

CVE-2022-24610 HIGH

Alecto DVC-215IP <63.1.1.173 - Info Disclosure

CVE-2022-24982 MEDIUM

jqueryform < 2022-02-05 - Authenticated Cleartext Credential Exposure via admin.php

CVE-2022-25184 MEDIUM

Jenkins Pipeline: Build Step Plugin < 2.15 - Password Parameter Exposure via Pipeline Snippet Generator

CVE-2022-0019 MEDIUM

Palo Alto Networks GlobalProtect 5.1-5.1.9, 5.2-5.2.7, 5.3-5.3.1 - Insufficiently Protected Credentials

CVE-2022-23223 HIGH

Apache ShenYu 2.4.0-2.4.1 - Unauthenticated Password Disclosure

CVE-2022-22554 HIGH

Dell EMC System Update <1.9.2 - Info Disclosure

CVE-2022-0184 MEDIUM

TEPRA PRO SR5900P <1.080-1.030 - Info Disclosure

CVE-2022-23117 HIGH

Jenkins Conjur Secrets Plugin < 1.0.9 - Credential Exposure via Agent Process Control

CVE-2022-23114 LOW

Jenkins Publish Over SSH Plugin <= 1.22 - Insufficiently Protected Credentials

CVE-2022-23109 MEDIUM

Jenkins HashiCorp Vault Plugin <= 3.7.0 - Credential Exposure in Pipeline Build Logs

CVE-2022-20621 MEDIUM

Jenkins Metrics Plugin <4.0.2.8 - Info Disclosure

CVE-2021-47759 MEDIUM

MTPutty 1.0.1.21 - Sensitive Information Disclosure via PowerShell Process Listing

CVE-2021-47741 HIGH

ZBL EPON ONU Broadband Router V100R001 - Privilege Escalation

CVE-2021-47726 HIGH

NuCom 11N Wireless Router 5.07.90 - Privilege Escalation

CVE-2021-1232 MEDIUM

Cisco SD-WAN vManage Software - Info Disclosure

Previous Page 25 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy