Search
Total
328 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-13856 | 1 Mofinetwork | 2 Mofi4500-4gxelte, Mofi4500-4gxelte Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. Authentication is not required to download the support file that contains sensitive information such as cleartext credentials and password hashes. | |||||
| CVE-2019-19135 | 1 Opcfoundation | 2 Netstandard.opc.ua, Ua-.netstandard | 2021-07-21 | 5.8 MEDIUM | 7.4 HIGH |
| In OPC Foundation OPC UA .NET Standard codebase 1.4.357.28, servers do not create sufficiently random numbers in OPCFoundation.NetStandard.Opc.Ua before 1.4.359.31, which allows man in the middle attackers to reuse encrypted user credentials sent over the network. | |||||
| CVE-2020-9425 | 1 Rconfig | 1 Rconfig | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the application was not exiting after a redirect is applied, the rest of the page still executed, resulting in the disclosure of cleartext credentials in the response. | |||||
| CVE-2020-16134 | 1 Swisscom | 10 Internet-box 2, Internet-box 2 Firmware, Internet-box 3 and 7 more | 2021-07-21 | 7.7 HIGH | 8.0 HIGH |
| An issue was discovered on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus prior to 10.04.38, Internet Box 3 prior to 11.01.20, and Internet Box light prior to 08.06.06. Given the (user-configurable) credentials for the local Web interface or physical access to a device's plus or reset button, an attacker can create a user with elevated privileges on the Sysbus-API. This can then be used to modify local or remote SSH access, thus allowing a login session as the superuser. | |||||
| CVE-2020-14427 | 1 Netgear | 24 Rbk752, Rbk752 Firmware, Rbk753 and 21 more | 2021-07-21 | 3.3 LOW | 8.8 HIGH |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. | |||||
| CVE-2020-26900 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2021-07-21 | 3.3 LOW | 8.8 HIGH |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. | |||||
| CVE-2020-14246 | 1 Hcltechsw | 1 Onetest Performance | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials. | |||||
| CVE-2020-13997 | 1 Shopware | 1 Shopware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Shopware before 6.2.3, the database password is leaked to an unauthenticated user when a DriverException occurs and verbose error handling is enabled. | |||||
| CVE-2020-26897 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2021-07-21 | 8.3 HIGH | 8.8 HIGH |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | |||||
| CVE-2020-14426 | 1 Netgear | 24 Rbk752, Rbk752 Firmware, Rbk753 and 21 more | 2021-07-21 | 3.3 LOW | 8.8 HIGH |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBK853 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, RBK842 before 3.2.10.11, RBR840 before 3.2.10.11, and RBS840 before 3.2.10.11. | |||||
| CVE-2020-4400 | 1 Ibm | 1 Verify Gateway | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 179478. | |||||
| CVE-2020-25399 | 1 Mind | 1 Imind Server | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat. | |||||
| CVE-2019-9104 | 1 Moxa | 12 Mb3170, Mb3170 Firmware, Mb3180 and 9 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. The application's configuration file contains parameters that represent passwords in cleartext. | |||||
| CVE-2020-26904 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2021-07-21 | 3.3 LOW | 8.8 HIGH |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | |||||
| CVE-2020-27986 | 1 Sonarsource | 1 Sonarqube | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it." | |||||
| CVE-2019-15653 | 1 Comba | 2 Ap2600-i - A02 - 0202n00pd2, Ap2600-i - A02 - 0202n00pd2 Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. The HTML source code of the login page contains values that allow obtaining the username and password. The username are password values are a double md5 of the plaintext real value, i.e., md5(md5(value)). | |||||
| CVE-2020-27888 | 1 Ui | 4 Unifi Controller, Unifi Controller Firmware, Unifi Meshing Access Point and 1 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access. | |||||
| CVE-2020-15058 | 1 Lindy-international | 2 42633, 42633 Firmware | 2021-07-21 | 3.3 LOW | 8.8 HIGH |
| Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic. | |||||
| CVE-2019-14483 | 1 Adremsoft | 1 Netcrunch | 2021-07-21 | 9.0 HIGH | 8.8 HIGH |
| AdRem NetCrunch 10.6.0.4587 allows Credentials Disclosure. Every user can read the BSD, Linux, MacOS and Solaris private keys, private keys' passwords, and root passwords stored in the credential manager. Every administrator can read the ESX and Windows passwords stored in the credential manager. | |||||
| CVE-2020-26550 | 1 Aviatrix | 1 Controller | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key. | |||||
| CVE-2020-35623 | 1 Mediawiki | 1 Mediawiki | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the CasAuth extension for MediaWiki through 1.35.1. Due to improper username validation, it allowed user impersonation with trivial manipulations of certain characters within a given username. An ordinary user may be able to login as a "bureaucrat user" who has a similar username, as demonstrated by usernames that differ only in (1) bidirectional override symbols or (2) blank space. | |||||
| CVE-2019-19218 | 1 Bmcsoftware | 1 Control-m\/agent | 2021-07-21 | 4.3 MEDIUM | 7.5 HIGH |
| BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage. | |||||
| CVE-2020-26906 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2021-07-21 | 8.3 HIGH | 8.8 HIGH |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | |||||
| CVE-2019-20881 | 1 Mattermost | 1 Mattermost Server | 2021-07-21 | 7.5 HIGH | 7.3 HIGH |
| An issue was discovered in Mattermost Server before 5.8.0. It mishandles brute-force attacks against MFA. | |||||
| CVE-2020-6882 | 1 Zte | 6 Zxhn E8810, Zxhn E8810 Firmware, Zxhn E8820 and 3 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential to connect to the MQTT server, so as to obtain information about other devices by sending specific topics. This affects:<ZXHN E8810, ZXHN E8820, ZXHN E8822><E8810 V1.0.26, E8810 V2.0.1, E8820 V1.1.3L, E8820 V2.0.13, E8822 V2.0.13> | |||||
| CVE-2019-12418 | 2 Apache, Debian | 2 Tomcat, Debian Linux | 2021-07-21 | 4.4 MEDIUM | 7.0 HIGH |
| When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance. | |||||
| CVE-2019-6452 | 1 Kyocera | 3 Command Center Rx, Taskalfa 4501i, Taskalfa 5052ci | 2021-06-28 | 4.0 MEDIUM | 8.8 HIGH |
| Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password. | |||||
| CVE-2021-28857 | 1 Tp-link | 2 Tl-wpa4220, Tl-wpa4220 Firmware | 2021-06-23 | 5.0 MEDIUM | 7.5 HIGH |
| TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie. | |||||
| CVE-2019-12423 | 2 Apache, Oracle | 8 Cxf, Commerce Guided Search, Communications Diameter Signaling Router and 5 more | 2021-06-17 | 4.3 MEDIUM | 7.5 HIGH |
| Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. "oct" keys, which contain secret keys, are not returned at all. | |||||
| CVE-2020-15381 | 1 Broadcom | 1 Sannav | 2021-06-15 | 5.0 MEDIUM | 7.5 HIGH |
| Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server. | |||||
| CVE-2021-23019 | 1 F5 | 1 Nginx Controller | 2021-06-11 | 6.9 MEDIUM | 7.8 HIGH |
| The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed in the systemd.txt file that is included in the NGINX support package. | |||||
| CVE-2019-11272 | 2 Debian, Vmware | 2 Debian Linux, Spring Security | 2021-06-08 | 7.5 HIGH | 7.3 HIGH |
| Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is leveraging PlaintextPasswordEncoder and a user has a null encoded password, a malicious user (or attacker) can authenticate using a password of "null". | |||||
| CVE-2020-27781 | 2 Fedoraproject, Redhat | 5 Fedora, Ceph, Ceph Storage and 2 more | 2021-06-03 | 3.6 LOW | 7.1 HIGH |
| User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface drivers. Then, all users of the requesting OpenStack project can view the access key. This enables the attacker to target any resource that the user has access to. This can be done to even "admin" users, compromising the ceph administrator. This flaw affects Ceph versions prior to 14.2.16, 15.x prior to 15.2.8, and 16.x prior to 16.2.0. | |||||
| CVE-2021-3528 | 1 Redhat | 1 Noobaa-operator | 2021-06-02 | 6.5 MEDIUM | 8.8 HIGH |
| A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens between the noobaa operator and the noobaa core are leaked into log files. An attacker with access to the log files could use this AuthToken to gain additional access into noobaa deployment and can read/modify system configuration. | |||||
| CVE-2021-20389 | 2 Ibm, Linux | 2 Security Guardium, Linux Kernel | 2021-05-25 | 2.1 LOW | 7.8 HIGH |
| IBM Security Guardium 11.2 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 195770. | |||||
| CVE-2021-20997 | 1 Wago | 10 0852-0303, 0852-0303 Firmware, 0852-1305 and 7 more | 2021-05-20 | 5.0 MEDIUM | 7.5 HIGH |
| In multiple managed switches by WAGO in different versions it is possible to read out the password hashes of all Web-based Management users. | |||||
| CVE-2020-11925 | 1 Luvion | 2 Grand Elite 3 Connect, Grand Elite 3 Connect Firmware | 2021-04-08 | 8.3 HIGH | 8.8 HIGH |
| An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the device is based on a username and password. The root credentials are the same across all devices of this model. | |||||
| CVE-2021-29255 | 1 Microseven | 2 Mym71080i-b, Mym71080i-b Firmware | 2021-04-02 | 2.9 LOW | 7.5 HIGH |
| MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp.microseven.com TCP port 7007. An attacker on the same network as the device can capture these credentials. | |||||
| CVE-2021-1392 | 1 Cisco | 2 Ios, Ios Xe | 2021-03-29 | 2.1 LOW | 7.8 HIGH |
| A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol (CIP) and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permissions are associated with the show cip security CLI command. An attacker could exploit this vulnerability by issuing the command to retrieve the password for CIP on an affected device. A successful exploit could allow the attacker to reconfigure the device. | |||||
| CVE-2017-9557 | 1 Echatserver | 1 Easy Chat Server | 2021-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response. | |||||
| CVE-2021-3141 | 1 Unisys | 1 Stealth | 2021-03-25 | 2.1 LOW | 7.8 HIGH |
| In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is stored in a recoverable format that might be accessible by a local attacker, who could gain access to the Management Server and change the Stealth configuration. | |||||
| CVE-2020-5260 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2021-03-19 | 5.0 MEDIUM | 7.5 HIGH |
| Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1. | |||||
| CVE-2018-20781 | 3 Canonical, Gnome, Oracle | 3 Ubuntu Linux, Gnome Keyring, Zfs Storage Appliance Kit | 2021-03-16 | 2.1 LOW | 7.8 HIGH |
| In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext. | |||||
| CVE-2021-3252 | 1 Kaco-newenergy | 2 Xp100u, Xp100u Firmware | 2021-02-27 | 5.0 MEDIUM | 7.5 HIGH |
| KACO New Energy XP100U Up to XP-JAVA 2.0 is affected by incorrect access control. Credentials will always be returned in plain-text from the local server during the KACO XP100U authentication process, regardless of whatever passwords have been provided, which leads to an information disclosure vulnerability. | |||||
| CVE-2021-27187 | 1 Xn--b1agzlht | 1 Fx Aggregator Terminal Client | 2021-02-18 | 5.0 MEDIUM | 7.5 HIGH |
| The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 stores authentication credentials in cleartext in login.sav when the Save Password box is checked. | |||||
| CVE-2020-28219 | 1 Schneider-electric | 2 Ecostruxure Geo Scada Expert 2019, Ecostruxure Geo Scada Expert 2020 | 2020-12-16 | 2.1 LOW | 7.8 HIGH |
| A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA Expert 2019 (Original release and Monthly Updates to September 2020, from 81.7268.1 to 81.7578.1) and EcoStruxure Geo SCADA Expert 2020 (Original release and Monthly Updates to September 2020, from 83.7551.1 to 83.7578.1), that could cause exposure of credentials to server-side users when web users are logged in to Virtual ViewX. | |||||
| CVE-2020-25235 | 1 Siemens | 2 Logo\! 8 Bm, Logo\! 8 Bm Firmware | 2020-12-16 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins. | |||||
| CVE-2020-14334 | 1 Redhat | 1 Satellite | 2020-12-04 | 4.6 MEDIUM | 8.8 HIGH |
| A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance. | |||||
| CVE-2020-8259 | 1 Nextcloud | 1 Nextcloud | 2020-12-02 | 5.5 MEDIUM | 8.1 HIGH |
| Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys. | |||||
| CVE-2020-24227 | 1 Playgroundsessions | 1 Playground Sessions | 2020-12-02 | 5.0 MEDIUM | 7.5 HIGH |
| Playground Sessions v2.5.582 (and earlier) for Windows, stores the user credentials in plain text allowing anyone with access to UserProfiles.sol to extract the email and password. | |||||