Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,363 vulnerabilities with CWE-522

CVE-2017-14111 HIGH

Philips IntelliSpace Cardiovascular <2.3.0 - Info Disclosure

CVE-2017-15272 MEDIUM

psftpd 10.0.4 Build 729 - Improper Authentication via Cleartext Password Storage

CVE-2017-14711 HIGH

Kickbase GmbH Kickbase Bundesliga Manager <2.2.1 - Info Disclosure

CVE-2017-15918 HIGH

Sera 1.2 - Insufficiently Protected Credentials via Plain Text Password Storage

CVE-2017-1000245 CRITICAL

Jenkins SSH Plugin < 2.4 - Insufficiently Protected Credentials

CVE-2017-3760 HIGH

Lenovo Service Framework - Remote Code Execution via Man-in-the-Middle Attack

CVE-2017-5700 HIGH

Intel NUC7i3BNK NUC7i3BNH NUC7i5BNK NUC7i5BNH NUC7i7BNH <= BN0049 - Insufficiently Protected Credentials

CVE-2017-13998 HIGH

LOYTEC LVIS-3ME <6.2.0 - Info Disclosure

CVE-2017-1378 HIGH

IBM Spectrum Protect <8.1 - Info Disclosure

CVE-2017-1201 HIGH

IBM BigFix Compliance Analytics 1.9.79 - Cleartext Credential Storage

CVE-2017-1362 HIGH

IBM Security Identity Manager Adapters <7.0 - Info Disclosure

CVE-2017-14418 HIGH

D-Link DIR-850L Firmware <= FW208WWb02 - Cleartext Password Transmission via NPAPI Extension

CVE-2017-13771 CRITICAL

Lexmark Scan To Network < 3.2.9 - Plaintext Credential Exposure via SNF Dest Servlet

CVE-2017-8446 MEDIUM

Elastic X-Pack Reporting < 5.5.2 and < 2.4.6 - Privilege Escalation via Reporting User Impersonation

CVE-2017-7547 HIGH

PostgreSQL <9.2.22-9.6.4 - Privilege Escalation

CVE-2017-4923 CRITICAL

VMware vCenter Server <6.5 U1 - Info Disclosure

CVE-2017-6532 CRITICAL

Televes COAXDATA GATEWAY 1Gbps Firmware 4.20 - Insufficiently Protected Credentials in /mib.db

CVE-2017-11349 CRITICAL

dataTaker DT8x dEX 1.72.007 - Insufficiently Protected Credentials

CVE-2017-1337 HIGH

IBM WebSphere MQ <9.0.2 - Info Disclosure

CVE-2017-6709 CRITICAL

Cisco Ultra Services Framework < 5.0.2 - Unauthenticated Exposure of Sensitive Information via AutoVNF Log Files

CVE-2017-1207 MEDIUM

IBM WebSphere Message Broker and Integration Bus - Insufficiently Protected Credentials

CVE-2017-7315 CRITICAL

Humax Digital HG100R <2.0.6 - Info Disclosure

CVE-2017-9248 CRITICAL KEV

Telerik UI <R2 2017 SP1-10.0.6412.0 - MachineKey Leak

CVE-2017-7905 CRITICAL

GE Multilin SR, UR, and URplus Protective Relays - Weak Password Encoding via Non-Random Initialization Vector

CVE-2017-6046 HIGH

Sierra Wireless AirLink Raven XE and XT - Insufficiently Protected Credentials

Previous Page 52 of 55 Next

Details

Vulnerabilities 1,363

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy