CWE-522
Insufficiently Protected Credentials
ClassIncomplete
Description
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-102 · CAPEC-474 · CAPEC-50 · CAPEC-509 · CAPEC-551 · CAPEC-555 · CAPEC-560 · CAPEC-561 · CAPEC-600 · CAPEC-644 · CAPEC-645 · CAPEC-652 · CAPEC-653
CVEs mapped to this weakness (143)
page 1 of 8| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-9248 | Cri | 0.86 | 9.8 | 0.89 | KEV | Jul 3, 2017 | Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise. |
| CVE-2014-1812 | Hig | 0.85 | 8.8 | 0.84 | KEV | May 14, 2014 | The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability." |
| CVE-2024-44000 | Cri | 0.74 | 9.8 | 0.92 | Oct 20, 2024 | Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through < 6.5.0.1. | |
| CVE-2024-32238 | Cri | 0.71 | 9.8 | 0.88 | Apr 22, 2024 | H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's management system can be accessed via the management system page login interface. | |
| CVE-2000-0944 | Cri | 0.68 | 9.8 | 0.11 | Dec 19, 2000 | CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password. | |
| CVE-2007-0681 | Cri | 0.67 | 9.8 | 0.07 | Feb 3, 2007 | profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php. | |
| CVE-2024-12799 | Cri | 0.65 | — | 0.00 | Mar 5, 2025 | Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux, 64 bit allows Privilege Abuse. This vulnerability could allow an authenticated user to obtain higher privileged user’s sensitive information via crafted payload. This issue affects Identity Manager Advanced Edition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0. | |
| CVE-2025-25570 | Cri | 0.65 | 9.8 | 0.21 | Feb 27, 2025 | Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials. | |
| CVE-2025-55306 | Cri | 0.64 | 9.8 | 0.00 | Aug 19, 2025 | GenX_FX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources (Google Cloud, Firebase, GitHub, etc.). | |
| CVE-2025-0867 | Cri | 0.64 | 9.9 | 0.00 | Feb 14, 2025 | The standard user uses the run as function to start the MEAC applications with administrative privileges. To ensure that the system can startup on its own, the credentials of the administrator were stored. Consequently, the EPC2 user can execute any command with administrative privileges. This allows a privilege escalation to the administrative level. | |
| CVE-2024-57395 | Cri | 0.64 | 9.8 | 0.03 | Jan 29, 2025 | Password Vulnerability in Safety production process management system v1.0 allows a remote attacker to escalate privileges, execute arbitrary code and obtain sensitive information via the password and account number parameters. | |
| CVE-2023-48010 | Cri | 0.64 | 9.8 | 0.00 | Dec 5, 2024 | STMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware Interface. Code running as Supervisor on the SPC58 PowerPC microcontrollers may disable the System Memory Protection Unit and gain unabridged read/write access to protected assets. | |
| CVE-2024-36081 | Cri | 0.64 | 9.8 | 0.00 | May 19, 2024 | Westermo EDW-100 devices through 2024-05-03 allow an unauthenticated user to download a configuration file containing a cleartext password. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network. | |
| CVE-2017-11349 | Cri | 0.64 | 9.8 | 0.01 | Jul 17, 2017 | dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data. | |
| CVE-2005-3435 | Cri | 0.64 | 9.8 | 0.01 | Nov 2, 2005 | admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example through another Newsworld vulnerability, and specifying the hash in the pwd argument. | |
| CVE-2026-40173 | Cri | 0.61 | 9.4 | 0.00 | Apr 15, 2026 | Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is registered on the default mux and reachable without authentication, exposing the full process command line including the admin token configured via the --security "token=..." startup flag. An attacker can retrieve the leaked token and reuse it in the X-Dgraph-AuthToken header to gain unauthorized access to admin-only endpoints such as /admin/config/cache_mb, bypassing the adminAuthHandler token validation. This enables unauthorized privileged administrative access including configuration changes and operational control actions in any deployment where the Alpha HTTP port is reachable by untrusted parties. This issue has been fixed in version 25.3.2. | |
| CVE-2024-5176 | Cri | 0.61 | — | 0.00 | May 31, 2024 | Insufficiently Protected Credentials vulnerability in Baxter Welch Allyn Configuration Tool may allow Remote Services with Stolen Credentials.This issue affects Welch Allyn Configuration Tool: versions 1.9.4.1 and prior. | |
| CVE-2025-22372 | Cri | 0.60 | — | 0.00 | Apr 14, 2025 | Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password Recovery. Passwords are either stored in plain text using reversible encryption, allowing an attacker with sufficient privileges to extract plain text passwords easily. This issue affects BASEC: from 14 Dec 2021. | |
| CVE-2025-2311 | Cri | 0.59 | 9.0 | 0.00 | Mar 20, 2025 | Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event Monitoring.This issue affects SecHard: before 3.3.0.20220411. | |
| CVE-2025-25650 | Cri | 0.59 | 9.1 | 0.00 | Mar 17, 2025 | An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605 allows attackers to produce cloned NFC cards to bypass authentication. |