CWE-522 (Insufficiently Protected Credentials) — Vulnerability Class 367

367 vulnerabilities classified as CWE-522 (Insufficiently Protected Credentials). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-4328 | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux — LSI Storage Authority (LSA) | 5.5 | - | 2023-08-15 |
| CVE-2023-4327 | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux — LSI Storage Authority (LSA) | 5.5 | - | 2023-08-15 |
| CVE-2023-37362 | Weintek Weincloud Improper Authentication — Weincloud | 7.2 | High | 2023-07-19 |
| CVE-2023-35348 | Active Directory Federation Service Security Feature Bypass Vulnerability — Windows Server 2019 | 6.5 | Medium | 2023-07-11 |
| CVE-2023-29168 | PTC Vuforia Studio Insufficiently Protected Credentials — Vuforia Studio | 3.7 | Low | 2023-06-07 |
| CVE-2023-31187 | Avaya IX Workforce Engagement - CWE-522: Insufficiently Protected Credentials — IX Workforce Engagement | 6.5 | Medium | 2023-05-30 |
| CVE-2023-32687 | Insufficiently Protected ChatBot Credentials in tgstation-server — tgstation-server | 7.7 | High | 2023-05-29 |
| CVE-2023-31136 | PostgresNIO processes unencrypted bytes from man-in-the-middle — postgres-nio | 3.7 | Low | 2023-05-09 |
| CVE-2023-28764 | Information Disclosure vulnerability in SAP BusinessObjects Platform — SAP BusinessObjects Platform | 3.7 | Low | 2023-05-09 |
| CVE-2023-24506 | Milesight NCR/Camera CWE-522: Insufficiently Protected Credentials — NCR/Camera | 7.5 | High | 2023-05-08 |
| CVE-2022-45859 | Fortinet FortiNAC security vulnerability — FortiNAC | 3.9 | Medium | 2023-05-03 |
| CVE-2023-25495 | Lenovo XClarity Controller security vulnerability — XClarity Controller | 4.9 | Medium | 2023-04-28 |
| CVE-2023-30846 | typed-rest-client vulnerable to potential leak of authentication data to 3rd parties — typed-rest-client | 9.1 | Critical | 2023-04-26 |
| CVE-2023-28084 | HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens — HPE OneView | 7.5 | - | 2023-04-25 |
| CVE-2023-30776 | Apache Superset: Database connection password leak — Apache Superset | 4.9 | Medium | 2023-04-24 |
| CVE-2022-48433 | JetBrains IntelliJ IDEA security vulnerability — IntelliJ IDEA | 6.1 | Medium | 2023-03-29 |
| CVE-2023-1518 | CP Plus KVMS Pro security vulnerability — KVMS Pro | 7.8 | High | 2023-03-28 |
| CVE-2022-40678 | Fortinet FortiNAC security vulnerability — FortiNAC | 7.4 | High | 2023-02-16 |
| CVE-2023-23463 | Sunell DVR – Insufficiently Protected Credentials — DVR | 5.3 | Medium | 2023-02-15 |
| CVE-2023-24498 | Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials. — ProSAFE 24 Port 10/100 FS726TP | 7.5 | High | 2023-02-15 |
| CVE-2022-32518 | Schneider Electric StruxureWare Data Center Expert security vulnerability — Data Center Expert | 8.0 | High | 2023-01-30 |
| CVE-2022-32520 | Schneider Electric StruxureWare Data Center Expert security vulnerability — Data Center Expert | 8.0 | High | 2023-01-30 |
| CVE-2022-23538 | User credentials leaked to third-party service via HTTP redirect in scs-library-client — scs-library-client | 5.2 | Medium | 2023-01-17 |
| CVE-2021-36204 | Insufficiently Protected Credentials in Metasys — Metasys ADS/ADX/OAS | 7.8 | High | 2023-01-13 |
| CVE-2016-15014 | CESNET theme-cesnet resetpassword.php insufficiently protected credentials — theme-cesnet | 3.3 | Low | 2023-01-07 |
| CVE-2022-2967 | Prosys OPC UA Simulation Server security vulnerability — UA Simulation Server | 6.5 | Medium | 2023-01-03 |
| CVE-2022-4612 | Click Studios Passwordstate insufficiently protected credentials — Passwordstate | 4.3 | Medium | 2022-12-19 |
| CVE-2022-29839 | Remote Backups Application Discloses Stored Credentials — My Cloud | 4.1 | Medium | 2022-12-09 |
| CVE-2022-46155 | Airtable.js credentials exposed in browser builds — airtable.js | 7.6 | High | 2022-11-29 |
| CVE-2022-29833 | Mitsubishi Electric GX Works security vulnerability — GX Works3 | 6.8 | Medium | 2022-11-24 |

Vulnerabilities classified as CWE-522 (Insufficiently Protected Credentials) represent 367 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.