Byte Open Security (ByteOS Network)

Vulnerability Details: CVE-2025-64420

Summary

Assigner: GitHub_M
Assigner Org ID: a0819718-46f1-4df5-94e2-005712e83aaa
Published At: 05 Jan, 2026 | 19:20
Updated At: 05 Jan, 2026 | 19:30
Rejected At: (none)
Credits: (none listed)

Coolify members can see private key of root user

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including v4.0.0-beta.434, low-privileged users are able to see the private key of the root user on the Coolify instance. This allows them to SSH to the server and authenticate as the root user with that private key. As of the time of publication, it is unclear whether a patch is available.

Vendors: Not available
Products: Not available

EPSS History
Score: N/A (no data available for the selected date range)
Percentile: N/A (no data available for the selected date range)
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼ Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner: GitHub_M
Assigner Org ID: a0819718-46f1-4df5-94e2-005712e83aaa
Published At: 05 Jan, 2026 | 19:20
Updated At: 05 Jan, 2026 | 19:30
Rejected At: (none)
▼ CVE Numbering Authority (CNA)
Coolify members can see private key of root user

Affected Products
Vendor: coollabsio
Product: coolify
Affected versions: <= 4.0.0-beta.434
Problem Types
Type: CWE
CWE ID: CWE-522
Description: CWE-522: Insufficiently Protected Credentials
Metrics
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info, Impacts (CAPEC), Solutions, Configurations, Workarounds, Exploits, Credits, Timeline, Replaced By, Rejected Reason: no entries recorded by the CNA.
References
Hyperlink: https://github.com/coollabsio/coolify/security/advisories/GHSA-qwxj-qch7-whpc
Resource: x_refsource_CONFIRM
▼ Authorized Data Publishers (ADP)
CISA ADP Vulnrichment: information is not available yet (no affected products, metrics, impacts, solutions, configurations, workarounds, exploits, credits, timeline, or references published).
▼ National Vulnerability Database (NVD)
nvd.nist.gov
Source: security-advisories@github.com
Published At: 05 Jan, 2026 | 20:16
Updated At: 12 Jan, 2026 | 14:31


CISA Catalog
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
Type: Secondary
Version: 3.1
Base score: 9.9
Base severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches

coollabs >> coolify >> versions before 4.0.0 (exclusive)
  • cpe:2.3:a:coollabs:coolify:*:*:*:*:*:*:*:*

coollabs >> coolify >> 4.0.0 (beta100 through beta148)
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta100:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta101:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta102:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta103:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta104:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta105:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta106:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta107:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta108:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta109:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta110:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta111:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta112:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta113:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta114:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta115:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta116:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta117:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta118:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta119:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta120:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta121:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta122:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta123:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta124:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta125:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta126:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta127:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta128:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta129:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta130:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta131:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta132:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta133:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta134:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta135:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta136:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta137:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta138:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta139:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta140:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta141:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta142:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta143:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta144:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta145:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta146:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta147:*:*:*:*:*:*
  • cpe:2.3:a:coollabs:coolify:4.0.0:beta148:*:*:*:*:*:*
Weaknesses
CWE ID: CWE-522
Type: Primary
Source: security-advisories@github.com

Evaluator Description, Evaluator Impact, Evaluator Solution, Vendor Statements: none recorded.
References
Hyperlink: https://github.com/coollabsio/coolify/security/advisories/GHSA-qwxj-qch7-whpc
Source: security-advisories@github.com
Resource: Exploit, Vendor Advisory

Change History: 0 entries (information is not available yet)

Similar CVEs (75 records found)

CVE-2019-10316
Matching Score: 4
Assigner: Jenkins Project
CVSS Score: 8.8 (HIGH)
EPSS: 1.83% / 76.29% (7-day change ~0.00%)
Published: 30 Apr, 2019 | 12:25
Updated: 04 Aug, 2024 | 22:17
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

Action: Not Available
Vendor: Jenkins
Product: aqua_microscanner (Jenkins Aqua MicroScanner Plugin)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2019-10285
Matching Score: 4
Assigner: Jenkins Project
CVSS Score: 8.8 (HIGH)
EPSS: 1.77% / 75.46% (7-day change ~0.00%)
Published: 04 Apr, 2019 | 15:38
Updated: 04 Aug, 2024 | 22:17
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Jenkins Minio Storage Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

Action: Not Available
Vendor: Jenkins
Product: minio_storage (Jenkins Minio Storage Plugin)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2019-10313
Matching Score: 4
Assigner: Jenkins Project
CVSS Score: 8.8 (HIGH)
EPSS: 1.83% / 76.29% (7-day change ~0.00%)
Published: 30 Apr, 2019 | 12:25
Updated: 04 Aug, 2024 | 22:17
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Jenkins Twitter Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

Action: Not Available
Vendor: Jenkins
Product: twitter (Jenkins Twitter Plugin)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2019-10318
Matching Score: 4
Assigner: Jenkins Project
CVSS Score: 8.8 (HIGH)
EPSS: 1.83% / 76.29% (7-day change ~0.00%)
Published: 30 Apr, 2019 | 12:25
Updated: 04 Aug, 2024 | 22:17
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Jenkins Azure AD Plugin 0.3.3 and earlier stored the client secret unencrypted in the global config.xml configuration file on the Jenkins master where it could be viewed by users with access to the master file system.

Action: Not Available
Vendor: Jenkins
Product: azure_ad (Jenkins Azure AD Plugin)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2019-10299
Matching Score: 4
Assigner: Jenkins Project
CVSS Score: 8.8 (HIGH)
EPSS: 1.77% / 75.46% (7-day change ~0.00%)
Published: 04 Apr, 2019 | 15:38
Updated: 04 Aug, 2024 | 22:17
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Jenkins CloudCoreo DeployTime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

Action: Not Available
Vendor: Jenkins
Product: cloudcoreo_deploytime (Jenkins CloudCoreo DeployTime Plugin)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2019-10302
Matching Score: 4
Assigner: Jenkins Project
CVSS Score: 8.8 (HIGH)
EPSS: 1.37% / 68.65% (7-day change ~0.00%)
Published: 18 Apr, 2019 | 16:54
Updated: 04 Aug, 2024 | 22:17
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

Action: Not Available
Vendor: Jenkins
Product: jira-ext (Jenkins jira-ext Plugin)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2026-23742
Matching Score: 4
Assigner: GitHub, Inc.
CVSS Score: 8.8 (HIGH)
EPSS: 0.47% / 37.51% (7-day change ~0.00%)
Published: 16 Jan, 2026 | 20:07
Updated: 18 Feb, 2026 | 16:28
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Skipper arbitrary code execution through lua filters

Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem starts if untrusted users can create lua filters, because of -lua-sources=inline, for example through a Kubernetes Ingress resource. The inline configuration allows these users to create a script that is able to read the filesystem accessible to the skipper process, and if the user has access to read the logs, they can read skipper secrets. This vulnerability is fixed in 0.23.0.

Action: Not Available
Vendor: zalando
Product: skipper
CWE ID: CWE-250 (Execution with Unnecessary Privileges)
CWE ID: CWE-522 (Insufficiently Protected Credentials)
CWE ID: CWE-94 (Improper Control of Generation of Code ('Code Injection'))

CVE-2022-30018
Matching Score: 4
Assigner: MITRE Corporation
CVSS Score: 8.8 (HIGH)
EPSS: 1.00% / 58.63% (7-day change ~0.00%)
Published: 19 May, 2022 | 13:13
Updated: 03 Aug, 2024 | 06:40
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Mobotix Control Center (MxCC) through 2.5.4.5 has Insufficiently Protected Credentials, Storing Passwords in a Recoverable Format via the MxCC.ini config file. The credential storage method in this software enables an attacker/user of the machine to gain admin access to the software and gain access to recordings/recording locations.

Action: Not Available
Vendor: mobotix (CNA: n/a)
Product: mxcontrolcenter (CNA: n/a)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2022-29457
Matching Score: 4
Assigner: MITRE Corporation
CVSS Score: 8.8 (HIGH)
EPSS: 7.72% / 93.90% (7-day change ~0.00%)
Published: 18 Apr, 2022 | 19:47
Updated: 03 Aug, 2024 | 06:26
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.

Action: Not Available
Vendor: n/a; Zoho Corporation Pvt. Ltd.
Product: manageengine_admanager_plus, manageengine_adselfservice_plus, manageengine_adaudit_plus, manageengine_exchange_reporter_plus (CNA: n/a)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2022-24978
Matching Score: 4
Assigner: MITRE Corporation
CVSS Score: 8.8 (HIGH)
EPSS: 1.09% / 61.39% (7-day change ~0.00%)
Published: 05 Apr, 2022 | 18:24
Updated: 03 Aug, 2024 | 04:29
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on Integrated products. This occurs because a password field is present in a JSON response.

Action: Not Available
Vendor: n/a; Zoho Corporation Pvt. Ltd.
Product: manageengine_adaudit_plus (CNA: n/a)
CWE ID: CWE-319 (Cleartext Transmission of Sensitive Information)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2018-0474
Matching Score: 4
Assigner: Cisco Systems, Inc.
CVSS Score: 4.3 (MEDIUM)
EPSS: 1.49% / 71.01% (7-day change ~0.00%)
Published: 10 Jan, 2019 | 16:00
Updated: 21 Nov, 2024 | 19:49
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Cisco Unified Communications Manager Digest Credentials Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view digest credentials in clear text. The vulnerability is due to the incorrect inclusion of saved passwords in configuration pages. An attacker could exploit this vulnerability by logging in to the Cisco Unified Communications Manager web-based management interface and viewing the source code for the configuration page. A successful exploit could allow the attacker to recover passwords and expose those accounts to further attack.

Action: Not Available
Vendor: Cisco Systems, Inc.
Product: unified_communications_manager (Cisco Unified Communications Manager)
CWE ID: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2017-7510
Matching Score: 4
Assigner: Red Hat, Inc.
CVSS Score: 8.8 (HIGH)
EPSS: 1.04% / 59.72% (7-day change ~0.00%)
Published: 25 Mar, 2019 | 17:50
Updated: 05 Aug, 2024 | 16:04
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

In ovirt-engine 4.1, if a host was provisioned with cloud-init, the root password could be revealed through the REST interface.

Action: Not Available
Vendor: [UNKNOWN]; Red Hat, Inc.
Product: ovirt-engine (RHV)
CWE ID: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2014-1812
Matching Score: 4
Assigner: Microsoft Corporation
CVSS Score: 8.8 (HIGH)
EPSS: 65.12% / 99.16% (7-day change +0.81%)
Published: 14 May, 2014 | 10:00
Updated: 22 Apr, 2026 | 16:44
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Known KEV: Action Due Date 2022-05-03; Apply updates per vendor instructions.

The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."

Action: Not Available
Vendor: n/a; Microsoft Corporation
Product: windows_7, windows_8.1, windows_server_2008, windows_vista, windows_8, windows_server_2012 (CNA: n/a, Windows)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2023-25760
Matching Score: 4
Assigner: MITRE Corporation
CVSS Score: 8.8 (HIGH)
EPSS: 0.57% / 43.10% (7-day change ~0.00%)
Published: 19 Apr, 2023 | 00:00
Updated: 05 Feb, 2025 | 17:15
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows an authenticated user to modify other users' passwords via a crafted request payload.

Action: Not Available
Vendor: uniguest (CNA: n/a)
Product: tripleplay (CNA: n/a)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2021-43397
Matching Score: 4
Assigner: MITRE Corporation
CVSS Score: 8.8 (HIGH)
EPSS: 3.69% / 88.38% (7-day change ~0.00%)
Published: 11 Nov, 2021 | 04:39
Updated: 04 Aug, 2024 | 03:55
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

LiquidFiles before 3.6.3 allows remote attackers to elevate their privileges from Admin (or User Admin) to Sysadmin.

Action: Not Available
Vendor: liquidfiles (CNA: n/a)
Product: liquidfiles (CNA: n/a)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2021-41297
Matching Score: 4
Assigner: TWCERT/CC
CVSS Score: 8.8 (HIGH)
EPSS: 0.72% / 49.35% (7-day change ~0.00%)
Published: 30 Sep, 2021 | 10:41
Updated: 16 Sep, 2024 | 20:22
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
ECOA BAS controller - Insufficiently Protected Credentials-1

ECOA BAS controller is vulnerable to a weak access control mechanism that allows an authenticated user to remotely escalate privileges by disclosing credentials of administrative accounts in plain text.

Action: Not Available
Vendor: ecoa (ECOA)
Product: ecs_router_controller-ecs_firmware, ecs_router_controller-ecs, riskbuster, riskterminator, riskbuster_firmware (CNA: ECS Router Controller ECS (FLASH), RiskBuster System RB 3.0.0, RiskBuster System TRANE 1.0, Graphic Control Software, RiskBuster Terminator E6L45, SmartHome II E9246, RiskTerminator)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2021-40360
Matching Score: 4
Assigner: Siemens
CVSS Score: 8.8 (HIGH)
EPSS: 0.68% / 47.99% (7-day change +0.01%)
Published: 09 Feb, 2022 | 15:17
Updated: 04 Aug, 2024 | 02:44
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to log in to the server.

Action: Not Available
Vendor: Siemens AG
Product: simatic_wincc, simatic_pcs_7 (CNA: SIMATIC WinCC V15 and earlier, SIMATIC WinCC V17, SIMATIC PCS 7 V9.1, SIMATIC PCS 7 V9.0, SIMATIC WinCC V7.4, SIMATIC WinCC V7.5, SIMATIC WinCC V16, SIMATIC PCS 7 V8.2)
CWE ID: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2021-36783
Matching Score: 4
Assigner: SUSE
CVSS Score: 9.9 (CRITICAL)
EPSS: 0.65% / 46.54% (7-day change ~0.00%)
Published: 07 Sep, 2022 | 08:20
Updated: 16 Sep, 2024 | 18:13
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Rancher: Failure to properly sanitize credentials in cluster template answers

An Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE Rancher Rancher versions prior to 2.6.4; Rancher versions prior to 2.5.13.

Action: Not Available
Vendor: SUSE
Product: rancher (Rancher)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2021-3528
Matching Score: 4
Assigner: Red Hat, Inc.
CVSS Score: 8.8 (HIGH)
EPSS: 0.89% / 54.88% (7-day change ~0.00%)
Published: 13 May, 2021 | 14:30
Updated: 03 Aug, 2024 | 17:01
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens between the noobaa operator and the noobaa core are leaked into log files. An attacker with access to the log files could use this AuthToken to gain additional access into noobaa deployment and can read/modify system configuration.

Action: Not Available
Vendor: n/a; Red Hat, Inc.
Product: noobaa-operator (NooBaa)
CWE ID: CWE-522 (Insufficiently Protected Credentials)
CWE ID: CWE-532 (Insertion of Sensitive Information into Log File)

CVE-2023-37362
Matching Score: 4
Assigner: Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score: 7.2 (HIGH)
EPSS: 0.51% / 39.83% (7-day change ~0.00%)
Published: 19 Jul, 2023 | 21:50
Updated: 06 Mar, 2025 | 15:15
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Weintek Weincloud Improper Authentication

Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to log in with testing credentials to the official website.

Action: Not Available
Vendor: weintek (Weintek)
Product: weincloud (Weincloud)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2021-3344
Matching Score: 4
Assigner: Red Hat, Inc.
CVSS Score: 8.8 (HIGH)
EPSS: 1.17% / 63.60% (7-day change ~0.00%)
Published: 16 Mar, 2021 | 21:09
Updated: 03 Aug, 2024 | 16:53
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user who is able to execute code during build time inside this container can re-use the credentials to overwrite arbitrary container images in internal registries and/or escalate their privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This affects github.com/openshift/builder v0.0.0-20210125201112-7901cb396121 and before.

Action: Not Available
Vendor: n/a; Red Hat, Inc.
Product: openshift_container_platform, openshift_builder (openshift/builder)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2025-42933
Matching Score: 4
Assigner: SAP SE
CVSS Score: 8.8 (HIGH)
EPSS: 0.26% / 17.04% (7-day change ~0.00%)
Published: 09 Sep, 2025 | 02:11
Updated: 26 Feb, 2026 | 17:49
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Insecure Storage of Sensitive Information in SAP Business One (SLD)

When a user logs in via the SAP Business One native client, the SLD backend service fails to enforce proper encryption of certain APIs. This leads to exposure of sensitive credentials within the HTTP response body. As a result, it has a high impact on the confidentiality, integrity, and availability of the application.

Action: Not Available
Vendor: SAP SE
Product: SAP Business One (SLD)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2025-41682
Matching Score: 4
Assigner: CERT@VDE
CVSS Score: 8.8 (HIGH)
EPSS: 0.28% / 19.39% (7-day change ~0.00%)
Published: 08 Sep, 2025 | 06:38
Updated: 08 Sep, 2025 | 18:04
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Credential Disclosure via Insecure Storage on Charge Controller

An authenticated, low-privileged attacker can obtain credentials stored on the charge controller including the manufacturer password.

Action: Not Available
Vendor: Bender
Product: CC612, ICC16xx, CC613, ICC13xx
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2020-9523
Matching Score: 4
Assigner: OpenText (formerly Micro Focus)
CVSS Score: 8.8 (HIGH)
EPSS: 0.86% / 54.11% (7-day change ~0.00%)
Published: 17 Apr, 2020 | 14:18
Updated: 04 Aug, 2024 | 10:34
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Insufficiently protected credentials vulnerability on Micro Focus Enterprise Developer and Enterprise Server, affecting all versions prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. The vulnerability could allow an attacker to transmit hashed credentials for the user account running the Micro Focus Directory Server (MFDS) to an arbitrary site, compromising that account's security.

Action: Not Available
Vendor: n/a; Micro Focus International Limited
Product: enterprise_developer, enterprise_server (Enterprise developer and server)
CWE ID: CWE-522 (Insufficiently Protected Credentials)

CVE-2021-40857
Matching Score: 4
Assigner: MITRE Corporation
CVSS Score: 8.8 (HIGH)
EPSS: 2.03% / 78.68% (7-day change ~0.00%)
Published: 13 Dec, 2021 | 03:24
Updated: 04 Aug, 2024 | 02:51
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring.

Action: Not Available
Vendor: auerswald (CNA: n/a)
Product: commander_6000rx_ip, commander_6000r_ip_firmware, compact_5020_voip_ip, compact_5200r_ip_firmware, compact_5020_voip_ip_firmware, compact_4000r_ip, compact_5200r_ip, compact_5500r_ip, commander_6000rx_ip_firmware, commander_basic.2\(19\"\)_ip, commander_6000r_ip, compact_5500r_ip_firmware, compact_5000r_ip_firmware, commander_business\(19\"\)_ip_firmware, compact_5000r_ip, compact_5010_voip_ip, compact_4000_ip_firmware, commander_basic.2\(19\"\)_ip_firmware, commander_business\(19\"\)_ip, compact_5010_voip_ip_firmware (CNA: n/a)
CWE ID: CWE-522 (Insufficiently Protected Credentials)
