CWE-549
11 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-549page 1 of 1
- CVE-2022-1342MEDIUMCVSS 4.6EG 4.62022-06-15
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, whi…
- CVE-2022-20914MEDIUMCVSS 4.9EG 4.92022-08-10
A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to excessive verbosity in …
- CVE-2022-22550MEDIUMCVSS 6.7EG 6.72022-04-12
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over.
- CVE-2022-41248MEDIUMCVSS 5.3EG 3.32022-09-21
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it.
- CVE-2022-43426MEDIUMCVSS 5.3EG 3.12022-10-19
Jenkins S3 Explorer Plugin 1.0.8 and earlier does not mask the AWS_SECRET_ACCESS_KEY form field, increasing the potential for attackers to observe and capture it.
- CVE-2023-1763MEDIUMCVSS 6.5EG 6.52023-05-17
Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup …
- CVE-2023-2062MEDIUMCVSS 6.2EG 6.22023-06-02
Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series Eth…
- CVE-2023-49106MEDIUMCVSS 4.6EG 4.62024-01-16
Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04.
- CVE-2024-10122LOWCVSS 2.7EG 2.72024-10-18
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been classified as problematic. Affected is an unknown function of the file /InnerRepPlus.html of the component Operator Details Form. The manipulation leads to mis…
- CVE-2025-4526MEDIUMCVSS 4.3EG 4.32025-05-11
A vulnerability was identified in Dígitro NGC Explorer up to 3.44.15/3.48.21. The affected element is an unknown function of the component Configuration Page. Such manipulation leads to missing password field masking. It is possible to la…
- CVE-2026-3314MEDIUMCVSS 4.6EG 4.62026-05-26
Missing password field masking vulnerability in Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules), Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advis…
Map vulnerabilities like CWE-549 to your infrastructure
EchelonGraph correlates every CVE — across CWE-549 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →