358 matches found
CVE-2023-31187
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
CVE-2023-31187
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
Design/Logic Flaw
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
CVE-2023-31187
CVE-2023-31187 affects Avaya IX Workforce Engagement v15.2.7.1195. The underlying issue is CWE-522: Insufficiently Protected Credentials, leading to potential exposure of sensitive data. According to the sources, the vulnerability has a network attack vector with low complexity and low privileges...
CVE-2023-31187 Avaya IX Workforce Engagement - CWE-522: Insufficiently Protected Credentials
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
CVE-2023-31187 Avaya IX Workforce Engagement - CWE-522: Insufficiently Protected Credentials
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
SUSE SLES12 Security Update : curl (SUSE-SU-2023:2225-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2225-1 advisory. This update for curl adds the following feature: Update to version 8.0.1 jscPED-2580 - CVE-2023-28319: use-after-free in SSH sha256...
CVE-2023-24506 Milesight NCR/Camera CWE-522: Insufficiently Protected Credentials
Milesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request...
Design/Logic Flaw
An insufficiently protected credentials vulnerability CWE-522 in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords...
CVE-2022-45859
CVE-2022-45859 affects Fortinet FortiNAC: FortiNAC-F 7.2.0 and FortiNAC 9.x (all 9.x releases up to the listed below versions), where an insufficient protection of credentials (CWE-522) vulnerability could allow a local attacker with system access to retrieve users’ passwords. Affected: FortiNAC-...
CP Plus KVMS Pro
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: CP Plus Equipment: KVMS Pro Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve sensitive credentials and control the...
Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2023-083)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-083 advisory. 2024-02-15: CVE-2022-27781 was added to this advisory. A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the...
Schneider Electric Modicon PLCs Insufficiently Protected Credentials (CVE-2017-6028)
An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. Log-in credentials are sent over the network with Base64 encoding leaving them susceptible to sniffing. Sniffed credentials...
K55539088: Intel SSD vulnerabilities CVE-2020-0584, CVE-2020-12309, CVE-2020-12310, CVE-2020-12311
Security Advisory Description CVE-2020-0584 Buffer overflow in firmware for IntelR SSD DC P4800X and P4801X Series, IntelR OptaneTM SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access. CVE-2020-12309 Insufficiently protected...
K30857274: Intel QAT vulnerability CVE-2020-12333
Security Advisory Description Insufficiently protected credentials in the IntelR QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-12333 Impact There is no impact; F5 products are not affected by this...
CVE-2023-23463
Sunell DVR, latest version, Insufficiently Protected Credentials CWE-522 may be exposed through an unspecified request...
CVE-2023-23463 Sunell DVR – Insufficiently Protected Credentials
Sunell DVR, latest version, Insufficiently Protected Credentials CWE-522 may be exposed through an unspecified request...
CVE-2023-24498 Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.
An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text...
CVE-2023-23463 Sunell DVR – Insufficiently Protected Credentials
Sunell DVR, latest version, Insufficiently Protected Credentials CWE-522 may be exposed through an unspecified request...
CVE-2023-23463
The CVE-2023-23463 entry concerns Sunell DVR, latest version, with a vulnerability labeled as Insufficiently Protected Credentials (CWE-522) that may be exposed through an unspecified request. This is a network‑driven issue (CVSSv3.1 base score 7.5, HIGH) with no detailed exploit path provided in...