VYPR

CWE-522

Insufficiently Protected Credentials

Abstraction: Class · Status: Incomplete

Description

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-102 · CAPEC-474 · CAPEC-50 · CAPEC-509 · CAPEC-551 · CAPEC-555 · CAPEC-560 · CAPEC-561 · CAPEC-600 · CAPEC-644 · CAPEC-645 · CAPEC-652 · CAPEC-653

CVEs mapped to this weakness (561)

page 15 of 29
  • CVE-2025-52623 · Low · Feb 3, 2026
    risk 0.24 · CVSS 3.7 · EPSS 0.00

    HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability. Allowing autocomplete on password fields may lead to unintended storage or disclosure of sensitive credentials, potentially increasing the risk of unauthorized access.…

  • CVE-2024-11856 · Low · Dec 2, 2024
    risk 0.24 · CVSS 3.7 · EPSS 0.00

    A security vulnerability in HPE IceWall products could be exploited remotely to cause Unauthorized Data Modification.

  • CVE-2024-30119 · Low · Jun 14, 2024
    risk 0.24 · CVSS 3.7 · EPSS 0.00

    HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This could allow an attacker to intercept or manipulate data during redirection.

  • CVE-2016-9593 · Med · Apr 16, 2018
    risk 0.24 · CVSS 4.7 · EPSS 0.01

    foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems.

  • CVE-2026-9395 · Low · May 24, 2026
    risk 0.23 · CVSS 3.5 · EPSS 0.00

    A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original…

  • CVE-2026-7038 · Low · Apr 26, 2026
    risk 0.21 · CVSS 3.3 · EPSS 0.00

    A weakness has been identified in tufantunc ssh-mcp up to 1.5.0. Impacted is an unknown function of the file src/index.ts of the component Command Line Handler. This manipulation causes insufficiently protected credentials. The attack is restricted to local execution. The…

  • CVE-2018-1000402 · Med · Jul 9, 2018
    risk 0.21 · CVSS 4.3 · EPSS 0.01

    Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a File and Directory Information Exposure vulnerability in AWSCodeDeployPublisher.java that can result in Disclosure of environment variables. This vulnerability appears to have been fixed in 1.20…

  • CVE-2018-1000057 · Med · Feb 9, 2018
    risk 0.21 · CVSS 4.3 · EPSS 0.01

    Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment variable references, which could result in values different from but similar to…

  • CVE-2025-62312 · Low · May 14, 2026
    risk 0.20 · CVSS 3.0 · EPSS 0.00

    HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse, especially if not combined with secure transmission practices.

  • CVE-2025-6526 · Low · Jun 23, 2025
    risk 0.20 · CVSS 3.1 · EPSS 0.01

    A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to insufficiently protected credentials. The attack can only be done within the…

  • CVE-2025-62345 · Low · May 6, 2026
    risk 0.18 · CVSS 2.7 · EPSS 0.00

    HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability. A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors.

  • CVE-2026-6408 · Low · Apr 22, 2026
    risk 0.18 · CVSS 2.7 · EPSS 0.00

    Tanium addressed an information disclosure vulnerability in Tanium Server.

  • CVE-2026-27316 · Low · Apr 14, 2026
    risk 0.18 · CVSS 2.7 · EPSS 0.00

    An insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticated administrator to read LDAP server credentials via client-side inspection.

  • CVE-2025-67860 · Low · Feb 25, 2026
    risk 0.18 · CVSS 3.8 · EPSS 0.00

    A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users.

  • CVE-2025-0760 · Low · Feb 26, 2025
    risk 0.18 · CVSS 2.7 · EPSS 0.00

    A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP account credentials due to lack of encryption.

  • CVE-2026-1966 · Low · Feb 5, 2026
    risk 0.16 · CVSS n/a · EPSS 0.00

    YugabyteDB Anywhere displays LDAP bind passwords configured via gflags in cleartext within the web UI. An authenticated user with access to the configuration view could obtain LDAP credentials, potentially enabling unauthorized access to external directory services.

  • CVE-2026-4387 · Low · May 29, 2026
    risk 0.13 · CVSS n/a · EPSS 0.00

    StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\\.sdm\state.kv. The file is…

  • CVE-2024-9014 · Sep 23, 2024
    risk 0.07 · CVSS n/a · EPSS 0.10

    pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data.

  • CVE-2021-44451 · Feb 1, 2022
    risk 0.07 · CVSS n/a · EPSS 0.08

    Apache Superset up to and including 1.3.2 allowed the passwords of registered database connections to leak to authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher.

  • CVE-2012-5627 · Oct 1, 2013
    risk 0.04 · CVSS n/a · EPSS 0.11

    Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 do not modify the salt during multiple executions of the change_user command within the same connection, which makes it easier for remote authenticated users to conduct brute force…