Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-5721 | 1 Mikrotik | 1 Winbox | 2024-11-21 | 5.5 Medium |
| MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configuration file when the Keep Password field is set and no Master Password is set. Keep Password is set by default and, by default Master Password is not set. An attacker with access to the configuration file can extract a username and password to gain access to the router. | ||||
| CVE-2019-3780 | 1 Cloudfoundry | 1 Container Runtime | 2024-11-21 | 8.8 High |
| Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s worker nodes that contains a configuration file with IAAS credentials. A malicious user with access to the k8s nodes can obtain IAAS credentials allowing the user to escalate privileges to gain access to the IAAS account. | ||||
| CVE-2016-7043 | 1 Redhat | 1 Kie-server | 2024-11-21 | N/A |
| It has been reported that KIE server and Busitess Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting access to ther services. | ||||