Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2020-12273 HIGH

TestLink 1.9.20 - Insufficiently Protected Credentials via Login Parameter

CVE-2020-11008 MEDIUM

Git < 2.17.5 - Credential Leak via Malicious URL Pattern

CVE-2020-9523 HIGH

Micro Focus Enterprise Developer < 4.0 Patch Update 16 and 5.0 < Patch Update 6 - Insufficiently Protected Credentials

CVE-2020-5721 MEDIUM

MikroTik WinBox <3.22 - Info Disclosure

CVE-2020-5260 CRITICAL

Git < 2.17.4, 2.18.0-2.18.3 - Credential Leak via Encoded Newline in URL

CVE-2020-6195 CRITICAL

SAP Business Objects <4.2 - Info Disclosure

CVE-2020-11694 HIGH

JetBrains PyCharm 2019.2.5 and 2019.3 - Insufficiently Protected Credentials

CVE-2020-5406 MEDIUM

VMware Tanzu Application Service for VMs <2.6.18-2.8.5 - Info Discl...

CVE-2020-5263 MEDIUM

auth0.js 8.0.0-9.12.2 - Insufficiently Protected Credentials via Error Object Exposure

CVE-2020-11557 HIGH

Castle Rock SNMPc Online 12.10.10-2020-01-28 - Cleartext Transmission of Sensitive Information in Cookie

CVE-2020-11555 HIGH

Castle Rock SNMPc Online 12.10.10-2020-01-28 - Unauthenticated Sensitive Credential Exposure via Backup Files

CVE-2020-1978 MEDIUM

Palo Alto Networks VM-Series < 1.0.9 - Insufficiently Protected Azure Dashboard Credentials in TechSupport Files

CVE-2020-11629 HIGH

EJBCA < 6.15.2.6 and 7.x < 7.3.1.2 - Authenticated Arbitrary File Upload via External Command Certificate Validator

CVE-2020-11560 HIGH

NCH Express Invoice 7.25 - Insufficiently Protected Credentials via Configuration File

CVE-2020-11449 HIGH

Technicolor TC7337 8.89.17 - Insufficiently Protected Credentials in Backup File

CVE-2020-2165 HIGH

Jenkins Artifactory Plugin <= 3.6.0 - Plaintext Password Exposure in Global Configuration

CVE-2020-2164 MEDIUM

Jenkins Artifactory Plugin <= 3.5.0 - Unprotected Credential Storage

CVE-2020-9324 HIGH

Aquaforest TIFF Server 4.0 - Unauthenticated SMB Hash Capture via UNC

CVE-2020-2145 MEDIUM

Jenkins Zephyr Enterprise Test Management Plugin < 1.9.1 - Insufficiently Protected Credentials

CVE-2020-5404 MEDIUM

Reactor Netty 0.8.0-0.8.15 and 0.9.0-0.9.4 - Credentials Leak via Redirect Handling

CVE-2020-6794 MEDIUM

Thunderbird <68.5 - Info Disclosure

CVE-2020-3841 MEDIUM

iOS <13.3.1-iPadOS <13.3.1 - Info Disclosure

CVE-2020-5400 MEDIUM

Cloud Foundry CAPI < 1.91.0 - Insufficiently Protected Credentials in Background Job Logs

CVE-2020-2133 MEDIUM

Jenkins Applatix Plugin < 1.1 - Insufficiently Protected Credentials in Job Config

CVE-2020-2132 MEDIUM

Jenkins Parasoft Environment Manager Plugin < 2.14 - Insufficiently Protected Credentials in Job Config

Previous Page 36 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy