Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,363 vulnerabilities with CWE-522

CVE-2017-6028 CRITICAL

Schneider-electric Modicon M241 Firmware < 4.0.3.20 - Insufficiently Protected Credentials

CVE-2017-7524 HIGH

tpm2-tools <1.1.1 - Info Disclosure

CVE-2017-3214 HIGH

Milwaukee ONE-KEY - Cleartext Storage of Sensitive Information in APK Binary

CVE-2017-9552 HIGH

Synology Photo Station <6.7.1-3419 - Info Disclosure

CVE-2017-6694 MEDIUM

Cisco Ultra Services Platform - Authenticated Cleartext Credential Exposure in VNFM Logging

CVE-2017-9557 HIGH

EFS Software Easy Chat Server <3.1 - Info Disclosure

CVE-2017-8837 CRITICAL

Peplink Balance Firmware Cleartext Password Storage in /etc/waipass and /etc/roapass

CVE-2017-7913 CRITICAL

Moxa OnCell - Info Disclosure

CVE-2017-9136 HIGH

Mimosa Client Radios <2.2.3 - Code Injection

CVE-2017-7486 HIGH

PostgreSQL 8.4-9.6 - Unauthorized Information Disclosure via pg_user_mappings View

CVE-2017-7925 CRITICAL

Dahua IPC and NVR Firmware - Password in Configuration File

CVE-2017-8371 MEDIUM

StruxureWare Data Center Expert < 7.3.1 - Insufficiently Protected Credentials

CVE-2017-8296 HIGH

ked_password_manager 0.5 and 1.0 - Insufficiently Protected Credentials via Cleartext History File

CVE-2017-8225 CRITICAL

Wireless IP Camera (P2P) Firmware - Unauthenticated Credential Exposure via Empty Login Parameters

CVE-2017-8222 HIGH

Wireless IP Camera (P2P) WIFICAM - Insufficiently Protected Credentials via Hardcoded RSA Key

CVE-2017-6528 HIGH

dnaTools dnaLIMS 4-2015s13 - Insufficiently Protected Credentials in Password Storage

CVE-2017-5140 CRITICAL

Honeywell XL Web II - Info Disclosure

CVE-2017-5139 CRITICAL

Honeywell XL Web II controller <XL1000C500 - Info Disclosure

CVE-2016-15014 LOW

CESNET theme-cesnet <2.0.0 - Info Disclosure

CVE-2016-11029 HIGH

Android L-M-N - Unprotected Mobile Hotspot Password Exposure via Log

CVE-2016-4401 CRITICAL

Aruba ClearPass Policy Manager <6.5.7, <6.6.2 - Info Disclosure

CVE-2016-9593 MEDIUM

Foreman < 1.15.0 - Insufficiently Protected Credentials in Log Files

CVE-2016-9360 MEDIUM

GE Proficy <5.8 SIM 13 - Info Disclosure

CVE-2015-5013 MEDIUM

IBM Security Access Manager - Insufficiently Protected Credentials in Configuration Files

CVE-2015-7546 HIGH

OpenStack Identity <2015.1.3-8.0.2 - Privilege Escalation

Previous Page 53 of 55 Next

Details

Vulnerabilities 1,363

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy