Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-523 (凭证传输未经安全保护) — Vulnerability Class 17

17 vulnerabilities classified as CWE-523 (凭证传输未经安全保护). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-23635 Kiteworks Secure Data Forms has a potential Unprotected Transport of Credentials — Secure Data Forms 6.5 Medium2026-03-25
CVE-2025-64309 Brightpick Mission Control / Internal Logic Control Unprotected Transport of Credentials — Brightpick Mission Control / Internal Logic Control 8.6 High2025-11-14
CVE-2025-64308 Brightpick Mission Control / Internal Logic Control Unprotected Transport of Credentials — Brightpick Mission Control / Internal Logic Control 7.5 High2025-11-14
CVE-2025-41705 Phoenix Contact: WebSocket Message Interception Leaks Webfrontend Credentials — QUINT4-UPS/24DC/24DC/5/EIP 6.8 Medium2025-10-14
CVE-2025-57800 Audiobookshelf vulnerable to OIDC token exfiltration and account takeover — audiobookshelf 8.8 High2025-08-22
CVE-2024-1509 Brocade ASCG 3.2.0 web interface does not enforce HSTS, as defined by RFC 6797 for ports 8030 and 8100 — ASCG 7.4 -2025-02-28
CVE-2024-4188 Security vulnerability exists in Documentum server cloud releases that could allow access to sensitive information which can impact system Operation. — Documentum™ Server 4.3AIMediumAI2024-07-30
CVE-2024-20395 Cisco Webex 安全漏洞 — Cisco Webex Teams 6.4 Medium2024-07-17
CVE-2024-1102 Jberet: jberet-core logging database credentials 6.5 Medium2024-04-25
CVE-2023-31277 PiiGAB M-Bus Unprotected Transport of Credentials — M-Bus SoftwarePack 7.5 High2023-07-06
CVE-2023-22862 IBM Aspera information disclosure — Aspera Connect 5.9 Medium2023-06-04
CVE-2023-28708 Apache Tomcat: JSESSIONID Cookie missing secure attribute in some configurations — Apache Tomcat 6.5 -2023-03-22
CVE-2022-31805 Insecure transmission of credentials — CODESYS Development System 7.5 High2022-06-24
CVE-2021-38460 Moxa MXview Network Management Software — MXview Network Management Software 7.5 High2021-10-12
CVE-2021-32003 Configuration service port remains open 10 minutes after reboot even when already provisioned — SiteManager 8.0 High2021-08-05
CVE-2020-25175 General Electric Healthcare Imaging 和 General Electric Healthcare Ultrasound 安全漏洞 — GE Healthcare Imaging and Ultrasound Products 9.8 -2020-12-14
CVE-2017-16731 ABB Ellipse 安全漏洞 — ABB Ellipse 8.8 -2017-12-20

Vulnerabilities classified as CWE-523 (凭证传输未经安全保护) represent 17 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.