Vulnerabilities (CVE)

Filtered by CWE-522
Total 1210 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15655 2 D-link, Dlink 2 Dsl-2875al Firmware, Dsl-2875al 2024-11-21 5.0 MEDIUM 7.5 HIGH
D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. This request doesn't require any authentication and will lead to saving the configuration file. The password is stored in cleartext.
CVE-2019-15654 1 Comba 2 Ap2600-i - A02 - 0202n00pd2, Ap2600-i - A02 - 0202n00pd2 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login information is stored in cleartext.
CVE-2019-15653 1 Comba 2 Ap2600-i - A02 - 0202n00pd2, Ap2600-i - A02 - 0202n00pd2 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. The HTML source code of the login page contains values that allow obtaining the username and password. The username are password values are a double md5 of the plaintext real value, i.e., md5(md5(value)).
CVE-2019-15635 1 Grafana 1 Grafana 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL) are not encrypted. An admin user can reveal passwords for any data source by pressing the "Save and test" button within a data source's settings menu. When watching the transaction with Burp Proxy, the password for the data source is revealed and sent to the server. From a browser, a prompt to save the credentials is generated, and the password can be revealed by simply checking the "Show password" box.
CVE-2019-15311 1 Linkplay 1 Linkplay 2024-11-21 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to multiple command execution vulnerabilities.
CVE-2019-15052 1 Gradle 1 Gradle 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
The HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subsequent hosts that the request redirects to. This is similar to CVE-2018-1000007.
CVE-2019-14929 2 Inea, Mitsubishielectric 4 Me-rtu, Me-rtu Firmware, Smartrtu and 1 more 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Stored cleartext passwords could allow an unauthenticated attacker to obtain configured username and password combinations on the RTU due to the weak credentials management on the RTU. An unauthenticated user can obtain the exposed password credentials to gain access to the following services: DDNS service, Mobile Network Provider, and OpenVPN service.
CVE-2019-14709 1 Microdigital 6 Mdc-n2190v, Mdc-n2190v Firmware, Mdc-n4090 and 3 more 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems.
CVE-2019-14483 1 Adremsoft 1 Netcrunch 2024-11-21 9.0 HIGH 8.8 HIGH
AdRem NetCrunch 10.6.0.4587 allows Credentials Disclosure. Every user can read the BSD, Linux, MacOS and Solaris private keys, private keys' passwords, and root passwords stored in the credential manager. Every administrator can read the ESX and Windows passwords stored in the credential manager.
CVE-2019-14477 1 Adremsoft 1 Netcrunch 2024-11-21 2.1 LOW 5.5 MEDIUM
AdRem NetCrunch 10.6.0.4587 has Improper Credential Storage since the internal user database is readable by low-privileged users and passwords in the database are weakly encoded or encrypted.
CVE-2019-13400 1 Fortinet 2 Fcm-mb40, Fcm-mb40 Firmware 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
Dynacolor FCM-MB40 v1.2.0.0 use /etc/appWeb/appweb.pass to store administrative web-interface credentials in cleartext. These credentials can be retrieved via cgi-bin/getuserinfo.cgi?mode=info.
CVE-2019-13349 1 Knowage-suite 1 Knowage 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
In Knowage through 6.1.1, an authenticated user that accesses the users page will obtain all user password hashes.
CVE-2019-13348 1 Eng 1 Knowage 2024-11-21 4.0 MEDIUM 8.8 HIGH
In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases.
CVE-2019-13179 1 Calamares 1 Calamares 2024-11-21 5.0 MEDIUM 7.5 HIGH
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /crypto_keyfile.bin (mode 0600 owned by root) to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption keys for LUKS containers created with Full Disk Encryption.
CVE-2019-13054 1 Logitech 2 R500, R500 Firmware 2024-11-21 3.3 LOW 6.5 MEDIUM
The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. On Windows, any text may be injected by using ALT+NUMPAD input to bypass the restriction on the characters A through Z.
CVE-2019-13023 1 Jetstream 1 Jetselect 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the web interface hides RADIUS secrets, WPA passwords, and SNMP strings from 'non administrative' users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the credentials are visible.
CVE-2019-13022 1 Jetstream 1 Jetselect 2024-11-21 10.0 HIGH 9.8 CRITICAL
Bond JetSelect (all versions) has an issue in the Java class (ENCtool.jar) and corresponding password generation algorithm (used to set initial passwords upon first installation). It XORs the plaintext into the 'encrypted' password that is then stored within the database. These steps are able to be trivially reversed, allowing for escalation of privilege within the JetSelect application through obtaining the passwords of JetSelect administrators. JetSelect administrators have the ability to modify and delete all networking configuration across a vessel, as well as altering network configuration of all managed network devices (switches, routers).
CVE-2019-13021 1 Jetstream 1 Jetselect 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. This backup copy of the passwords is made as part of the installation script, after the administrator has generated a password using ENCtool.jar (see CVE-2019-13022). This allows any low-privilege user who can read this file to trivially obtain the passwords for the administrative accounts of the JetSelect application. The path to the file containing the encoded password hash is /opt/JetSelect/SFC/resources/sfc-general-properties.
CVE-2019-12847 1 Jetbrains 1 Hub 2024-11-21 4.0 MEDIUM 7.2 HIGH
In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user. It is only relevant in cases where a password has not changed since 2017, and if the audit log still contains events from before that period.
CVE-2019-12452 1 Traefik 1 Traefik 2024-11-21 3.5 LOW 7.5 HIGH
types/types.go in Containous Traefik 1.7.x through 1.7.11, when the --api flag is used and the API is publicly reachable and exposed without sufficient access control (which is contrary to the API documentation), allows remote authenticated users to discover password hashes by reading the Basic HTTP Authentication or Digest HTTP Authentication section, or discover a key by reading the ClientTLS section. These can be found in the JSON response to a /api request.