Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2020-4408 MEDIUM

IBM QRadar Advisor 1.1-2.5.2 - Insufficiently Protected Credentials via Password Masking

CVE-2020-4372 HIGH

IBM Verify Gateway 1.0.0 and 1.0.1 - Insufficiently Protected Credentials

CVE-2020-4095 MEDIUM

HCL BigFix Platform 9.2-9.2.18 - Insufficiently Protected Credentials in Memory

CVE-2020-3180 HIGH

Cisco SD-WAN Solution Software - Unauthenticated Access

CVE-2020-10287 CRITICAL

ABB IRC5 and IRB140 Firmware - Insufficiently Protected Credentials

CVE-2020-2218 LOW

Jenkins HP ALM Quality Center Plugin <1.6 - Info Disclosure

CVE-2020-2213 MEDIUM

Jenkins White Source Plugin <19.1.1 - Info Disclosure

CVE-2020-2212 MEDIUM

Jenkins GitHub Coverage Reporter Plugin <1.8 - Info Disclosure

CVE-2020-2209 MEDIUM

Jenkins TestComplete support Plugin <2.4.1 - Info Disclosure

CVE-2020-2208 MEDIUM

Jenkins Slack Upload Plugin <1.7 - Info Disclosure

CVE-2020-3391 MEDIUM

Cisco DNA Center < 1.2.10 Authenticated Sensitive Information Exposure via Cleartext Credential Storage

CVE-2020-5899 HIGH

NGINX Controller 3.0.0-3.4.0 - Info Disclosure

CVE-2020-10727 MEDIUM

ActiveMQ Artemis <2.12.0 - Info Disclosure

CVE-2020-14930 HIGH

BT CTROMS Terminal OS Port Portal CT-464 - Info Disclosure

CVE-2020-0540 HIGH

Intel AMT Firmware < 11.8.77, 11.12.77, 11.22.77, 12.0.64 - Unauthenticated Credential Disclosure via Network Access

CVE-2020-10752 HIGH

OpenShift API Server - Info Disclosure

CVE-2020-10755 MEDIUM

OpenStack Cinder <14.1.0-16.1.0 - Info Disclosure

CVE-2020-6239 MEDIUM

SAP Business One <10.0 - Info Disclosure

CVE-2020-11681 HIGH

Castel NextGen DVR v1.0.0 - Insufficiently Protected Credentials

CVE-2020-7030 MEDIUM

Avaya IP Office 9.x, 10.0-10.1.0.7, 11.0-11.0.4.3 - Insufficiently Protected Credentials

CVE-2020-2198 MEDIUM

Jenkins Project Inheritance Plugin <= 19.08.02 - Insufficiently Protected Credentials in getConfigAsXML API

CVE-2020-10972 HIGH

Wavlink WN530HG4, WN531G3, and WN572HG3 Firmware - Unauthenticated Administrator Password Exposure via live_?.shtml Page

CVE-2020-2182 MEDIUM

Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials

CVE-2020-2181 MEDIUM

Jenkins Credentials Binding Plugin < 1.22 - Insufficiently Protected Credentials in Build Log

CVE-2020-11821 MEDIUM

Rukovoditel 2.5.2 - Insufficiently Protected Credentials via Cookie Storage

Previous Page 35 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy