Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2019-4697 MEDIUM

IBM Security Guardium Data Encryption <3.0.0.2 - Info Disclosure

CVE-2019-4693 MEDIUM

IBM Security Guardium Data Encryption <3.0.0.2 - Info Disclosure

CVE-2019-18256 MEDIUM

BIOTRONIK CardioMessenger II - Info Disclosure

CVE-2019-13023 MEDIUM

JetSelect - Insufficiently Protected Credentials via HTML Password Field Obfuscation

CVE-2019-18868 CRITICAL

Blaauw Remote Kiln Control <v3.00r4 - Info Disclosure

CVE-2019-19218 HIGH

BMC Control-M/Agent 7.0.00.000 - Info Disclosure

CVE-2019-4668 MEDIUM

IBM UrbanCode Deploy <7.0.4.0 - Info Disclosure

CVE-2019-19105 MEDIUM

ABB Telephone Gateway TG/S <3.2 - Info Disclosure

CVE-2019-19096 MEDIUM

HitachiEnergy eSOMS 6.0-6.0.2 - Insufficiently Protected Credentials in Redis Data Structure

CVE-2019-3942 HIGH

Advantech WebAccess 8.3.4 - Unauthenticated Arbitrary File Read via RPC

CVE-2019-18785 HIGH

SuiteCRM <7.10.21, <7.11.9 - Info Disclosure

CVE-2019-16067 HIGH

NETSAS Enigma NMS <65.0.0 - Info Disclosure

CVE-2019-15656 HIGH

D-Link DSL-2875AL and DSL-2877AL Firmware < 1.00.05 - Unauthenticated Credential Disclosure via index.asp

CVE-2019-15655 HIGH

D-Link DSL-2875AL Firmware < 1.00.05 - Unauthenticated Password Disclosure via /romfile.cfg Request

CVE-2019-15653 HIGH

Comba AP2600-I A02,0202N00PD2 - Insufficiently Protected Credentials via Login Page HTML Source

CVE-2019-13394 CRITICAL

NETGEAR CG3700b Firmware V2.02.03 - Cleartext Transmission of Sensitive Information via HTTP Basic Authentication

CVE-2019-5648 MEDIUM

Barracuda Load Balancer ADC Firmware <= 6.4 - Authenticated LDAP Credential Exposure via Configuration Change

CVE-2019-9104 HIGH

Moxa MB3170, MB3270, MB3180, MB3280, MB3480, MB3660 Firmware - Insufficiently Protected Credentials

CVE-2019-10705 HIGH

Western Digital SanDisk X600 Firmware < x6112100 - Insufficiently Protected Credentials

CVE-2019-11686 MEDIUM

Western Digital SanDisk - Info Disclosure

CVE-2019-10706 MEDIUM

Western Digital SanDisk X300 X300s X400 X600 Firmware < x6112100 - Insufficiently Protected Credentials

CVE-2019-19119 MEDIUM

PRTG <19.4.53 - Privilege Escalation

CVE-2019-19539 MEDIUM

Idelji Web ViewPoint - Info Disclosure

CVE-2019-19823 HIGH

TOTOLINK A3002RU < 2.0.0 - Cleartext Password Storage in Flash Memory

CVE-2019-19898 HIGH

IXP EasyInstall 6.2.13723 - Cleartext Transmission of Sensitive Information via Administrator Console

Previous Page 38 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy