Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2020-24396 HIGH

homee Brain Cube <2.28.2,2.28.4 - Info Disclosure

CVE-2020-21994 CRITICAL

AVE DOMINAplus <=1.10.x - Unauthenticated Credential Disclosure via /xml/authClients.xml

CVE-2020-15942 MEDIUM

FortiWeb 6.2.0-6.2.3 - Authenticated Information Disclosure in Web Vulnerability Scan Profile

CVE-2020-11925 HIGH

Luvion Grand Elite 3 Connect Firmware < 2020-02-25 - Weak Password Requirements

CVE-2020-9306 HIGH

Tesla Solarcity Solar Monitoring Gateway < 5.46.43 - Insufficiently Protected Credentials

CVE-2020-14391 MEDIUM

GNOME Control Center - Insufficiently Protected Credentials via System Registration

CVE-2020-10554 HIGH

Psyprax < 3.2.2 - Insufficiently Protected Credentials via Obfuscated Password Storage

CVE-2020-29005 HIGH

MediaWiki < 1.35 - Cleartext Transmission of Sensitive Information in Push Extension API

CVE-2020-27258 MEDIUM

SOOIL Developments Co., Ltd Diabecare RS - Info Disclosure

CVE-2020-27270 MEDIUM

SOOIL Developments CoLtd DiabecareRS - Info Disclosure

CVE-2020-4602 MEDIUM

IBM Security Guardium Insights 2.0.2 - Insufficiently Protected Credentials

CVE-2020-28390 MEDIUM

Siemens Opcenter Execution Core V8.2 and V8.3 - Unprotected User Credential Exposure via Web Client Session Storage

CVE-2020-4913 MEDIUM

IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Credential Exposure to Local Privileged User

CVE-2020-2499 MEDIUM

QES < 2.1.1 - Unauthenticated Hard-Coded Password Bypass

CVE-2020-29583 CRITICAL KEV

Zyxel USG <4.60 - Privilege Escalation

CVE-2020-24680 HIGH

S+ Operations/S+ Historian - Info Disclosure

CVE-2020-27781 HIGH

Ceph < 14.2.16, 15.x < 15.2.8, 16.x < 16.2.0 - Insufficiently Protected Credentials via OpenStack Manila Share Access

CVE-2020-25235 HIGH

LOGO! 8 BM Firmware <8.3 - Insufficiently Protected Credentials

CVE-2020-25175 CRITICAL

GE Healthcare Imaging and Ultrasound Products - Info Disclosure

CVE-2020-28219 HIGH

EcoStruxure Geo SCADA Expert 2019-2020 Credential Exposure via Virtual ViewX

CVE-2020-29380 MEDIUM

V-SOL V1600D <2.03.69, V1600G1/V2 <2.0.7/1.9.7 - Info Disclosure

CVE-2020-29054 CRITICAL

Cdatatec 72408a Firmware - Insufficiently Protected Credentials

CVE-2020-28330 MEDIUM

Barco wePresent WiPG-1600W Firmware 2.5.1.8 - Unprotected Transport of Credentials

CVE-2020-24227 HIGH

Playground Sessions <2.5.582 - Info Disclosure

CVE-2020-26079 MEDIUM

Cisco IoT Field Network Director < 4.6.1 - Authenticated Password Hash Exposure via User Information Call

Previous Page 32 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy