Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2019-19843 CRITICAL

Ruckus Wireless Unleashed <200.7.10.102.64 - Info Disclosure

CVE-2019-19696 MEDIUM

Trend Micro Password Manager - Info Disclosure

CVE-2019-12423 HIGH

Apache CXF < 3.2.12 - Insufficiently Protected Credentials via JWK Keystore Configuration

CVE-2019-4508 HIGH

IBM QRadar SIEM <7.3.3 - Info Disclosure

CVE-2019-6700 MEDIUM

FortiSIEM < 5.2.5 - Authenticated Information Exposure via External Authentication Profile Form

CVE-2019-5990 HIGH

cgi_an-anlyzer < 2019-06-24 - Unauthenticated Login Password Exposure via HTTP Referer

CVE-2019-19310 MEDIUM

GitLab 9.0.0-12.5.0 - Insufficiently Protected Credentials

CVE-2019-10205 MEDIUM

Red Hat Quay - Insufficiently Protected Credentials via Plain Text Robot Account Tokens

CVE-2019-4335 MEDIUM

IBM Watson Studio Local <1.2.3 - Info Disclosure

CVE-2019-20047 HIGH

Alcatel-Lucent OmniVista 4760 and 8770 < 4.1.2 - Unauthenticated Credential Exposure via Session File Retrieval

CVE-2019-6024 MEDIUM

Rakuma App for Android < 7.15.0 and iOS < 7.16.4 - Insufficiently Protected Credentials via Malicious Application

CVE-2019-3431 CRITICAL

ZTE ZXCLOUD GoldenData VAP <= zxivs-vap-portal-xzgav4.01.01.02 - Credential Exposure via Unencrypted Transmission

CVE-2019-18615 MEDIUM

CloudVision Portal <2018.2 - Info Disclosure

CVE-2019-18572 CRITICAL

RSA Identity Governance and Lifecycle <7.1.1 P03 - Auth Bypass

CVE-2019-19890 HIGH

Humax Wireless Voice Gateway HGB10R-2 20160817_1855 - Cleartext Transmission of Sensitive Information

CVE-2019-16572 MEDIUM

Jenkins Weibo Plugin <1.0.1 - Info Disclosure

CVE-2019-16557 MEDIUM

Jenkins Redgate SQL Change Automation Plugin <2.0.3 - Info Disclosure

CVE-2019-16556 MEDIUM

Jenkins Rundeck Plugin <3.6.5 - Info Disclosure

CVE-2019-19687 HIGH

OpenStack Keystone 15.0.0-16.0.0 - Info Disclosure

CVE-2019-16673 MEDIUM

Weidmueller IE-SW-VL05M <3.6.6, IE-SW-VL08MT <3.5.2, IE-SW-PL10M <3...

CVE-2019-16672 CRITICAL

Weidmueller IE-SW-VL05M <3.6.6 - Info Disclosure

CVE-2019-10224 MEDIUM

389-ds-base <1.4.1.3 - Info Disclosure

CVE-2019-10214 MEDIUM

Containers/image - Info Disclosure

CVE-2019-10206 MEDIUM

Ansible <2.8.4, <2.7.13, <2.6.19 - Info Disclosure

CVE-2019-16544 HIGH

Jenkins QMetry for JIRA - Test Mgmt Plugin <1.12 - Info Disclosure

Previous Page 39 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy