Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,363 vulnerabilities with CWE-522

CVE-2019-0120 MEDIUM

Intel Pentium J/N Series, Celeron J/N Series, Atom A/E3900 Series Firmware - Insufficiently Protected Credentials

CVE-2019-0881 HIGH

Windows Kernel - Privilege Escalation

CVE-2019-10921 HIGH

Siemens LOGO! 8 BM Firmware < 8.3 - Unauthenticated Password Exposure via Port 10005/tcp

CVE-2019-8350 MEDIUM

Simple - Better Banking 2.45.0-2.45.3 - Unprotected User Password Exposure via Keyboard Autocomplete

CVE-2019-11885 MEDIUM

eyeDisk - Insufficiently Protected Credentials via Cleartext Password Transmission

CVE-2019-11820 MEDIUM

Synology Calendar <2.3.3-0620 - Info Disclosure

CVE-2019-3938 HIGH

Crestron AM-100 and AM-101 - Insufficiently Protected Credentials in Configuration Export

CVE-2019-10318 HIGH

Jenkins Azure AD Plugin <= 0.3.3 - Insufficiently Protected Credentials in Global Configuration

CVE-2019-10316 HIGH

Jenkins Aqua MicroScanner Plugin <= 1.0.5 - Insufficiently Protected Credentials

CVE-2019-10313 HIGH

Jenkins Twitter Plugin < 0.7 - Insufficiently Protected Credentials

CVE-2019-10239 HIGH

Robotronic RunAsSpc 3.7.0.0 - Authenticated Cleartext Credential Exposure

CVE-2019-11402 CRITICAL

Gradle Enterprise <2018.5.3 - Info Disclosure

CVE-2019-11350 CRITICAL

CloudBees Jenkins Operations Center <2.150.2.3 - Info Disclosure

CVE-2019-10303 HIGH

Jenkins Azure PublisherSettings Credentials Plugin < 1.2 - Insufficiently Protected Credentials

CVE-2019-10302 HIGH

Jenkins jira-ext < 0.8 - Insufficiently Protected Credentials

CVE-2019-6609 CRITICAL

BIG-IP 12.1.1-12.1.4, 13.0.0-13.1.1.3, 14.0.0-14.1.0.1 - Insufficiently Protected Credentials

CVE-2019-6525 HIGH

AVEVA Wonderware System Platform < 2017 Update 2 - Improper Privilege Management via ArchestrA Network User Account

CVE-2019-0035 MEDIUM

Junos OS 15.1-18.3 - Unauthenticated Administrative Bypass via OAM Volume Console

CVE-2019-0032 HIGH

Juniper Networks Service Insight <18.1R1 - Info Disclosure

CVE-2019-5615 MEDIUM

Rapid7 InsightVM <6.5.49 - Info Disclosure

CVE-2019-10630 HIGH

Zyxel NAS326 Firmware < 5.21 - Insufficiently Protected Credentials

CVE-2019-10299 HIGH

Jenkins CloudCoreo DeployTime Plugin - Insufficiently Protected Credentials

CVE-2019-10298 HIGH

Jenkins Koji Plugin - Insufficiently Protected Credentials

CVE-2019-10297 HIGH

Jenkins Sametime Plugin - Insufficiently Protected Credentials

CVE-2019-10296 HIGH

Jenkins Serena SRA Deploy Plugin - Insufficiently Protected Credentials

Previous Page 44 of 55 Next

Details

Vulnerabilities 1,363

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy