RSS   Vulnerabilities for 'Cloudcnm secumanager'   RSS

2020-06-29
 
CVE-2020-15324

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials.

 
 
CVE-2020-15323

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials.

 
 
CVE-2020-15322

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account.

 
 
CVE-2020-15321

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account.

 
 
CVE-2020-15320

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account.

 
 
CVE-2020-15319

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree.

 
 
CVE-2020-15318

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree.

 
 
CVE-2020-15317

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree.

 
 
CVE-2020-15316

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree.

 
 
CVE-2020-15315

CWE-798
 

 
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree.

 


Copyright 2021, cxsecurity.com

 

Back to Top