Monthly
Credential exposure in Redmine allows any local attacker with access to a previously-used browser session to recover plaintext login credentials stored by the application after form submission. The flaw (CWE-257) affects all tracked Redmine versions per NVD CPE data and represents a classic insecure credential storage issue. No public exploit has been identified at time of analysis, and exploitation is constrained to local attack vectors requiring prior user interaction.
Fortinet FortiSOAR stores LDAP service account passwords in a recoverable format, allowing authenticated high-privilege remote attackers to retrieve plaintext or weakly protected credentials by modifying the LDAP server address in configuration. This affects FortiSOAR PaaS and on-premise versions 7.3 through 7.6.4. The vulnerability requires high-level administrative authentication and poses a confidentiality risk to stored credentials, with no evidence of active exploitation or public exploit code at time of analysis.
Fortinet FortiSOAR PaaS and on-premise versions 7.3 through 7.6.4 store connector passwords in a recoverable format, allowing authenticated remote attackers to retrieve plaintext or weakly encrypted credentials for multiple installed connectors by modifying the server address in connector configuration. This affects security orchestration workflows that depend on connector authentication for external integrations.
Progress OpenEdge 12.2.0-12.2.18 and 12.8.0-12.8.9 expose stored passwords and secrets to decryption through cryptographically weak OECH1 prefix encoding. Remote unauthenticated attackers can exploit this weakness to recover obfuscated credentials and sensitive data (CVSS 9.1, VC:H/VI:H). No public exploit identified at time of analysis, but the vulnerability is automatable with total technical impact per SSVC framework, making credential harvesting straightforward once encoding is accessed.
Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerability where user passwords are. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Eaton EasySoft project files use weak encryption vulnerable to brute force attacks, allowing local attackers with file access to extract sensitive information and modify project configurations. An authenticated user on the affected system can exploit this weakness to compromise confidentiality and integrity of stored data. No patch is currently available for this vulnerability.
RustDesk Client through version 1.4.5 on Windows, macOS, and Linux uses weak password hashing and improper object prototype handling in its password security and configuration encryption modules, allowing local authenticated attackers to extract embedded sensitive data including passwords and machine identifiers. The vulnerability affects critical cryptographic functions including symmetric_crypt() and decrypt_str_or_original(), enabling attackers with local access and valid credentials to compromise encrypted credentials and system identifiers. No patch is currently available.
Privilege escalation in Cisco Catalyst SD-WAN Manager (versions prior to 20.18) enables authenticated local attackers with valid vmanage credentials to obtain Data Collection Agent (DCA) user privileges by reading an unprotected credential file from the filesystem. Confirmed actively exploited (CISA KEV) with publicly available exploit code despite low EPSS score (0.02%), indicating targeted attacks rather than widespread scanning. High-privileged initial access requirement (PR:H) and high attack complexity (AC:H) limit exploitability, but scope change (S:C) enables lateral movement to other SD-WAN systems.
Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained. [CVSS 6.8 MEDIUM]
from 6.0 versions up to 9.0 contains a vulnerability that allows attackers to access stored passwords in a recoverable format which makes them subject to pass.
Credential exposure in Redmine allows any local attacker with access to a previously-used browser session to recover plaintext login credentials stored by the application after form submission. The flaw (CWE-257) affects all tracked Redmine versions per NVD CPE data and represents a classic insecure credential storage issue. No public exploit has been identified at time of analysis, and exploitation is constrained to local attack vectors requiring prior user interaction.
Fortinet FortiSOAR stores LDAP service account passwords in a recoverable format, allowing authenticated high-privilege remote attackers to retrieve plaintext or weakly protected credentials by modifying the LDAP server address in configuration. This affects FortiSOAR PaaS and on-premise versions 7.3 through 7.6.4. The vulnerability requires high-level administrative authentication and poses a confidentiality risk to stored credentials, with no evidence of active exploitation or public exploit code at time of analysis.
Fortinet FortiSOAR PaaS and on-premise versions 7.3 through 7.6.4 store connector passwords in a recoverable format, allowing authenticated remote attackers to retrieve plaintext or weakly encrypted credentials for multiple installed connectors by modifying the server address in connector configuration. This affects security orchestration workflows that depend on connector authentication for external integrations.
Progress OpenEdge 12.2.0-12.2.18 and 12.8.0-12.8.9 expose stored passwords and secrets to decryption through cryptographically weak OECH1 prefix encoding. Remote unauthenticated attackers can exploit this weakness to recover obfuscated credentials and sensitive data (CVSS 9.1, VC:H/VI:H). No public exploit identified at time of analysis, but the vulnerability is automatable with total technical impact per SSVC framework, making credential harvesting straightforward once encoding is accessed.
Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerability where user passwords are. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Eaton EasySoft project files use weak encryption vulnerable to brute force attacks, allowing local attackers with file access to extract sensitive information and modify project configurations. An authenticated user on the affected system can exploit this weakness to compromise confidentiality and integrity of stored data. No patch is currently available for this vulnerability.
RustDesk Client through version 1.4.5 on Windows, macOS, and Linux uses weak password hashing and improper object prototype handling in its password security and configuration encryption modules, allowing local authenticated attackers to extract embedded sensitive data including passwords and machine identifiers. The vulnerability affects critical cryptographic functions including symmetric_crypt() and decrypt_str_or_original(), enabling attackers with local access and valid credentials to compromise encrypted credentials and system identifiers. No patch is currently available.
Privilege escalation in Cisco Catalyst SD-WAN Manager (versions prior to 20.18) enables authenticated local attackers with valid vmanage credentials to obtain Data Collection Agent (DCA) user privileges by reading an unprotected credential file from the filesystem. Confirmed actively exploited (CISA KEV) with publicly available exploit code despite low EPSS score (0.02%), indicating targeted attacks rather than widespread scanning. High-privileged initial access requirement (PR:H) and high attack complexity (AC:H) limit exploitability, but scope change (S:C) enables lateral movement to other SD-WAN systems.
Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained. [CVSS 6.8 MEDIUM]
from 6.0 versions up to 9.0 contains a vulnerability that allows attackers to access stored passwords in a recoverable format which makes them subject to pass.