Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2021-21614 MEDIUM

Jenkins Bumblebee HP ALM Plugin <= 4.1.5 - Insufficiently Protected Credentials

CVE-2021-21612 MEDIUM

Jenkins TraceTronic ECU-TEST Plugin < 2.23.1 - Insufficiently Protected Credentials

CVE-2020-37097 HIGH

Edimax EW-7438RPn <1.13 - Info Disclosure

CVE-2020-36968 MEDIUM

M/Monit 3.7.4 - Authenticated Password Hash Exposure via Admin API Endpoints

CVE-2020-36896 HIGH

QiHang Media Web Digital Signage 3.0.9 - Auth Bypass

CVE-2020-9250 LOW

Huawei Mate 20 Pro Firmware - Unauthenticated Insufficiently Protected Credentials via Crafted Software Package

CVE-2020-17477 MEDIUM

UCS@school <4.4v5-errata - Info Disclosure

CVE-2020-18406 HIGH

cmseasy 7.0.0 - Insufficiently Protected Credentials via Unencrypted Form Data

CVE-2020-15347 CRITICAL

Zyxel CloudCNM SecuManager <3.1.1 - Info Disclosure

CVE-2020-15341 HIGH

Zyxel CloudCNM SecuManager <3.1.1 - Unauthenticated API

CVE-2020-35992 MEDIUM

Fiserv Prologue < 2020-12-16 - Insufficiently Protected Database Credentials in appconfig.ini

CVE-2020-10710 MEDIUM

Red Hat Satellite - Info Disclosure

CVE-2020-28865 HIGH

PowerJob < 3.2.2 - Unauthenticated Arbitrary Password Change via /appinfo/save id Parameter

CVE-2020-25184 HIGH

Schneider-electric Easergy T300 Firmware - Information Disclosure

CVE-2020-27413 MEDIUM

Mahavitaran <7.50 - Info Disclosure

CVE-2020-23036 MEDIUM

MEDIA NAVI Inc SMACom v1.2 - Info Disclosure

CVE-2020-5315 HIGH

Dell EMC Repository Manager 3.2 - Info Disclosure

CVE-2020-15381 HIGH

Brocade SANnav <2.1.1 - Auth Bypass

CVE-2020-26515 HIGH

Intland codeBeamer ALM <10.1.SP4 - Info Disclosure

CVE-2020-29323 HIGH

D-link DIR-885L-MFC - Info Disclosure

CVE-2020-29322 HIGH

D-Link DIR-880L 1.07 - Info Disclosure

CVE-2020-29321 HIGH

D-Link DIR-868L 3.01 - Info Disclosure

CVE-2020-27831 MEDIUM

Red Hat Quay 3.0.0-3.3.2 - Improper Access Control in Email Notification Authorization

CVE-2020-27839 MEDIUM

ceph < 14.2.17 - Insufficiently Protected Credentials via JWT Storage in localStorage

CVE-2020-12061 CRITICAL

Nitrokey FIDO U2F Firmware < 1.1 - Insufficiently Protected Credentials via Plaintext Communication

Previous Page 31 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy