Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2021-20163 MEDIUM

Trendnet TEW-827DRU 2.08B01 - Insufficiently Protected Credentials via FTP Web Page

CVE-2021-37401 CRITICAL

IDEC Data File Manager - Insufficiently Protected Credentials

CVE-2021-37400 CRITICAL

IDEC Data File Manager - Insufficiently Protected Credentials

CVE-2021-20826 HIGH

IDEC MICROSmart FC6A Firmware < 2.32 - Unprotected Credential Exposure via PLC-Software Communication

CVE-2021-36318 MEDIUM

Dell EMC Avamar <19.5 - Info Disclosure

CVE-2021-36317 MEDIUM

Dell EMC Avamar Server 19.4 - Info Disclosure

CVE-2021-42913 HIGH

Samsung SyncThru Web Service - Unauthenticated Cleartext Password Exposure via HTML Source Code

CVE-2021-3179 MEDIUM

GGLocker - Insufficiently Protected Credentials

CVE-2021-45097 LOW

KNIME Server < 4.12.6 and 4.13.x < 4.13.4 - Insufficiently Protected Credentials via Unattended Mode Installation

CVE-2021-42023 MEDIUM

Siemens ModelSim and Questa Simulation - Insufficiently Protected Credentials in RSA White-Box Implementation

CVE-2021-40857 HIGH

Auerswald COMpact 5500R <8.2B - Privilege Escalation

CVE-2021-37187 MEDIUM

Digi TransPort Firmware - Authenticated Password File Read

CVE-2021-20146 CRITICAL

Gryphonconnect Gryphon Tower Firmware < 04.0004.12 - Insufficiently Protected Credentials

CVE-2021-43978 HIGH

Allegro Windows 3.3.4152.0 - Info Disclosure

CVE-2021-42306 HIGH

Microsoft Azure Active Directory < 2021-10-30 - Insufficiently Protected Credentials

CVE-2021-38976 MEDIUM

IBM Tivoli Key Lifecycle Manager - Info Disclosure

CVE-2021-3789 MEDIUM

Motorola-branded Binatone Hubble Cameras - Info Disclosure

CVE-2021-43332 MEDIUM

GNU Mailman <2.1.36 - Info Disclosure

CVE-2021-41972 MEDIUM

Apache Superset <= 1.3.1 - Authenticated Database Connection Password Leak

CVE-2021-43397 HIGH

LiquidFiles <3.6.3 - Privilege Escalation

CVE-2021-40503 HIGH

SAP GUI for Windows <7.60 PL13, 7.70 PL4 - Info Disclosure

CVE-2021-41023 MEDIUM

Fortinet FortiSIEM <4.1.4 - Info Disclosure

CVE-2021-28496 MEDIUM

Arista EOS 4.22-4.26.1 Authenticated Password Exposure via eAPI

CVE-2021-40476 HIGH

Windows AppContainer - Privilege Escalation

CVE-2021-41125 MEDIUM

Scrapy < 1.8.1 - Credential Exposure via HttpAuthMiddleware

Previous Page 27 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy