Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2021-36178 MEDIUM

Fortinet FortiSDNConnector <1.1.7 - Info Disclosure

CVE-2021-36170 LOW

FortiAnalyzerVM/FortiManagerVM <7.0.0,6.4.6 - Info Disclosure

CVE-2021-41092 MEDIUM

Docker CLI <20.10.9 - Info Disclosure

CVE-2021-36309 HIGH

Dell Enterprise SONiC OS <3.3.0 - Info Disclosure

CVE-2021-41300 CRITICAL

ECOA BAS Controller - Unauthenticated Insufficiently Protected Credentials

CVE-2021-41297 HIGH

ECOA BAS Controller - Authenticated Privilege Escalation via Plain-Text Credential Disclosure

CVE-2021-39342 MEDIUM

Credova Financial <= 1.4.8 - Cleartext Transmission of Sensitive Information via AJAX Action

CVE-2021-38863 MEDIUM

IBM Security Verify Bridge <1.0.5.0 - Info Disclosure

CVE-2021-20434 MEDIUM

IBM Security Verify Bridge <1.0.5.0 - Info Disclosure

CVE-2021-1589 MEDIUM

Cisco SD-WAN vManage Software - Privilege Escalation

CVE-2021-29811 MEDIUM

IBM Tivoli Netcool/omnibus Webgui < 8.1.0.24 - Insufficiently Protected Credentials

CVE-2021-28813 CRITICAL

QSW-M2116P-2T2S, QNAP switches - Info Disclosure

CVE-2021-28499 MEDIUM

Arista Metamako Operating System < 0.18.0 - Insufficiently Protected Credentials

CVE-2021-28498 HIGH

Arista Metamako Operating System < 0.13.0 - Insufficiently Protected Credentials

CVE-2021-34733 MEDIUM

Cisco Prime Infrastructure and Evolved Programmable Network Manager - Insufficiently Protected Credentials

CVE-2021-39373 HIGH

Samsung Drive Manager 2.0.104 - Insufficiently Protected Credentials via WideCharToMultiByte and WideCharStr

CVE-2021-21681 MEDIUM

Jenkins Nomad Plugin < 0.7.4 - Insufficiently Protected Docker Credentials

CVE-2021-34560 MEDIUM

PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 - Insufficiently Protected Credentials via Autocomplete Password Field

CVE-2021-30948 MEDIUM

iPadOS < 15.2 - Unauthenticated Stored Password Exposure via Physical Access

CVE-2021-39289 HIGH

NetModule Router Software < 4.3.0.113 - Insufficiently Protected Credentials

CVE-2021-35529 HIGH

Hitachi ABB Power Grids <5.7.2 - Info Disclosure

CVE-2021-38165 MEDIUM

Lynx < 2.8.9 - Credential Exposure via URI Userinfo in SNI Data

CVE-2021-20597 CRITICAL

Mitsubishi Electric MELSEC iQ-R - Info Disclosure

CVE-2021-32003 HIGH

Secomea SiteManager <9.5 - Info Disclosure

CVE-2021-22923 MEDIUM

curl - Metalink Feature - Auth Bypass

Previous Page 28 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy