Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,363 vulnerabilities with CWE-522

CVE-2019-6242 HIGH

Kentico Xperience - Insufficiently Protected Credentials in SMTP Configuration

CVE-2019-1000001 CRITICAL

TeamPass < 2.1.27.0 - Insufficiently Protected Credentials in Shared Password Vaults

CVE-2019-7300 HIGH

Artica Proxy 3.06.200056 - Command Injection

CVE-2018-16153 HIGH

Apereo Opencast 4.0-10.5 - Insufficiently Protected Credentials via External Service Authentication

CVE-2018-20243 HIGH

Apache Fineract 1.0.0-1.2.9 - Credential Exposure via URL Parameters

CVE-2018-21248 HIGH

Mattermost Server < 5.4.0 - Insufficiently Protected Credentials

CVE-2018-21239 MEDIUM

Foxit Reader and PhantomPDF < 9.2 - NTLM Credential Theft via GoToE or GoToR Action

CVE-2018-21237 MEDIUM

Foxit PhantomPDF < 8.3.7 - NTLM Credential Theft via GoToE or GoToR Action

CVE-2018-21031 MEDIUM

Tautulli <= 2.1.38 - Insufficiently Protected Credentials via X-Plex-Token Mishandling

CVE-2018-7820 CRITICAL

APC UPS Network Management Card 2 AOS <6.5.6 - Info Disclosure

CVE-2018-19466 CRITICAL

Portainer <1.20.0 - Info Disclosure

CVE-2018-17500 LOW

Envoy Passport - Insufficiently Protected OAuth Credentials

CVE-2018-20781 HIGH

GNOME Keyring < 3.27.2 - Insufficiently Protected Credentials via Session-Child Process

CVE-2018-15456 MEDIUM

Cisco Identity Services Engine - Authenticated Plaintext Password Exposure in Admin Portal

CVE-2018-0474 HIGH

Cisco Unified Communications Manager - Authenticated Cleartext Credential Exposure in Web Management Interface

CVE-2018-1000425 HIGH

Jenkins SonarQube Scanner Plugin <2.8 - Info Disclosure

CVE-2018-1000424 HIGH

Jenkins Artifactory Plugin <2.16.1 - Info Disclosure

CVE-2018-1000423 HIGH

Jenkins Crowd <2.0.0 - Info Disclosure

CVE-2018-1000627 CRITICAL

Battelle V2I Hub 2.5.1 - Info Disclosure

CVE-2018-11742 CRITICAL

NEC Univerge SV9100 WebPro 6.00.00 - Insufficiently Protected Credentials

CVE-2018-20445 CRITICAL

D-Link DCM-604 and DCM-704 - Unauthenticated Wi-Fi Credential Exposure via SNMP

CVE-2018-20444 CRITICAL

Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU - Wi-Fi Credential Exposure via SNMP

CVE-2018-20443 CRITICAL

Technicolor TC7200.d1I - Unauthenticated Wi-Fi Credential Exposure via SNMP

CVE-2018-20442 CRITICAL

Technicolor TC7110.B STC8.62.02 - Unauthenticated Wi-Fi Credential Exposure via SNMP OID Requests

CVE-2018-20441 CRITICAL

Technicolor TC7200.TH2v2 SC05.00.22 - Unauthenticated Wi-Fi Credential Exposure via SNMP OID Requests

Previous Page 46 of 55 Next

Details

Vulnerabilities 1,363

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy