VYPR

CWE-522

Insufficiently Protected Credentials

ClassIncomplete

Description

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-102 · CAPEC-474 · CAPEC-50 · CAPEC-509 · CAPEC-551 · CAPEC-555 · CAPEC-560 · CAPEC-561 · CAPEC-600 · CAPEC-644 · CAPEC-645 · CAPEC-652 · CAPEC-653

CVEs mapped to this weakness (561)

page 6 of 29
  • CVE-2018-7698HigMar 5, 2018
    risk 0.53cvss 8.1epss 0.01

    An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05.04 devices. The mydlink+ app sends the username and password for connected D-Link cameras (such as DCS-933L and DCS-934L) unencrypted from the app to the camera, allowing attackers…

  • CVE-2017-14711HigNov 13, 2017
    risk 0.53cvss 8.1epss 0.01

    The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga-manager/id678241305 -- for iOS is vulnerable to a credentials leak due to transmitting a username and password in cleartext from client to server during registration and authentication.

  • CVE-2017-3760HigOct 17, 2017
    risk 0.53cvss 8.1epss 0.01

    The Lenovo Service Framework Android application uses a set of nonsecure credentials when performing integrity verification of downloaded applications and/or data. This exposes the application to man-in-the-middle attacks leading to possible remote code execution.

  • CVE-2017-14418HigSep 13, 2017
    risk 0.53cvss 8.1epss 0.01

    The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices, sends the cleartext admin password over the Internet as part of interaction with mydlink Cloud Services.

  • CVE-2017-1337HigJul 10, 2017
    risk 0.53cvss 8.1epss 0.01

    IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. IBM X-Force ID: 126245.

  • CVE-2026-48039criJun 11, 2026
    risk 0.52cvss epss 0.00

    # Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token | Field | Value | | ---------------- | ----- | | Repository | pipeboard-co/meta-ads-mcp | | Affected version | ≤ 1.0.101 (commit 496c988 ~ 7d14226); Versions 1.0.102–1.0.105 lack git…

  • CVE-2026-46440CriJun 8, 2026
    risk 0.52cvss 9.1epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, the checkBasicAuth endpoint validates credentials in plaintext without rate limiting and with direct comparison. This issue has been patched in version 3.1.2.

  • CVE-2026-45091CriMay 12, 2026
    risk 0.52cvss 9.1epss 0.00

    sealed-env is a cross-stack, zero-trust secret management library for Node.js and Java/Spring Boot. In sealed-env enterprise mode, versions 0.1.0-alpha.1 through 0.1.0-alpha.3 embedded the operator's literal TOTP secret in the JWS payload of every minted unseal token. JWS…

  • CVE-2024-51240HigNov 5, 2024
    risk 0.52cvss 8.0epss 0.00

    An issue in the luci-mod-rpc package in OpenWRT Luci LTS allows for privilege escalation from an admin account to root via the JSON-RPC-API, which is exposed by the luci-mod-rpc package

  • CVE-2024-8986CriSep 19, 2024
    risk 0.52cvss epss 0.01

    The grafana plugin SDK bundles build metadata into the binaries it compiles; this metadata includes the repository URI for the plugin being built, as retrieved by running `git remote get-url origin`. If credentials are included in the repository URI (for instance, to allow for…

  • CVE-2024-29941HigMay 6, 2024
    risk 0.52cvss 8.0epss 0.00

    Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption.

  • CVE-2017-8222HigApr 25, 2017
    risk 0.52cvss 7.5epss 0.04

    Wireless IP Camera (P2P) WIFICAM devices have an "Apple Production IOS Push Services" private RSA key and certificate stored in /system/www/pem/ck.pem inside the firmware, which allows attackers to obtain sensitive information.

  • CVE-2025-36568HigApr 17, 2026
    risk 0.51cvss 7.8epss 0.00

    Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an insufficiently protected credentials vulnerability. A low…

  • CVE-2025-54808HigOct 23, 2025
    risk 0.51cvss 7.8epss 0.00

    Oxford Nanopore Technologies' MinKNOW software at or prior to version 24.11 stores authentication tokens in a file located in the system's temporary directory (/tmp) on the host machine. This directory is typically world-readable, allowing any local user or application to access…

  • CVE-2018-11748HigOct 2, 2018
    risk 0.51cvss 7.8epss 0.00

    Previous releases of the Puppet device_manager module creates configuration files containing credentials that are world readable. This issue has been resolved as of device_manager 2.7.0.

  • CVE-2018-1000403HigJul 9, 2018
    risk 0.51cvss 7.8epss 0.00

    Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodeDeployPublisher.java that can result in Credentials Disclosure. This attack appear to be exploitable via local file access. This…

  • CVE-2018-11634HigJul 3, 2018
    risk 0.51cvss 7.8epss 0.00

    Plaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows local users to access the web application's user passwords in cleartext by reading /var/www/xms/xmsdb/default.db.

  • CVE-2018-13014HigJun 29, 2018
    risk 0.51cvss 7.8epss 0.00

    Storing password in recoverable format in safensec.com (SysWatch service) in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.2 allows the local attacker to restore the SysWatch password from the…

  • CVE-2018-0335HigJun 7, 2018
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker could exploit this…

  • CVE-2018-6618HigMay 11, 2018
    risk 0.51cvss 7.8epss 0.00

    Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtain sensitive information by leveraging cleartext password storage.