CWE:
 

Tytuł
Data
Autor
High
Heatmiser Netmonitor 3.03 Hardcoded Credentials
31.12.2019
Ismail Tasdelen
Med.
Fortinet FortiRecorder 2.7.3 Hardcoded Password
08.08.2019
XORcat
High
HPE VAN SDN 2.7.18.0503 Remote Root
28.06.2018
KoreLogic
High
HP Enterprise VAN SDN Controller 2.7.18.0503 Remote Root
27.06.2018
Matthew Bergin
High
Solarwinds LEM 6.3.1 Hardcoded Credentials
25.04.2017
Matt Bergin
High
Cisco Firepower Threat Management Console Hard-Coded MySQL Credentials
06.10.2016
Matt Bergin
High
AVer Information EH6108H+ Authentication Bypass / Inforation Exposure
28.09.2016
Multiple
High
Seagate GoFlex Satellite Remote Telnet Default Password
19.12.2015
Matt Bergin
High
ZTE ZXHN H108N R1A / ZXV10 W300 Traversal / Disclosure / Authorization
21.11.2015
Karn Ganeshen
High
SAP NetWeaver AS FKCDBFTRACE ABAP Hardcoded Credentials
10.09.2015
Rustem Gazizov, Diana ...
High
SAP NetWeaver AS LSCT1I13 ABAP Hardcoded Credentials
10.09.2015
Rustem Gazizov, Diana ...
High
AirLink101 SkyIPCam1620W OS Command Injection
09.07.2015
CORE
Low
SAP FI Manager Self-Service Hardcoded Username
30.07.2014
Onapsis
Med.
SAP Hard-Coded Credentials
07.06.2014
Ezequiel Gutesman
High
ZTE ZXV10 W300 router contains hardcoded credentials
09.02.2014
USCERT
Med.
Franklin Fuelings T550 Evo Access Control / Credentials
22.01.2014
Matt Jakubowski
High
TP-Link IP Cameras multiple vulnerabilities
28.05.2013
CORE
High
Zavio IP Cameras multiple vulnerabilities
28.05.2013
CORE
High
D-Link IP Cameras Injection & Bypass
30.04.2013
CORE


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2020-09-22
Medium
CVE-2020-4622

Vendor: IBM
Software: Data risk ma...
 

 
IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 184983.

 
2020-09-14
Low
CVE-2020-12789

Updating...
 

 
The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets.

 
High
CVE-2018-20432

Updating...
 

 
D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration.

 
2020-09-11
Medium
CVE-2020-25256

Vendor: Hyland
Software: Onbase
 

 
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. PKI certificates have a private key that is the same across different customers' installations.

 
2020-09-09
Medium
CVE-2018-17771

Updating...
 

 
Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N.

 
Medium
CVE-2018-17767

Updating...
 

 
Ingenico Telium 2 POS terminals have hardcoded PPP credentials. This is fixed in Telium 2 SDK v9.32.03 patch N.

 
2020-09-03
Medium
CVE-2020-24876

Vendor: Pancakeapp
Software: Pancake
 

 
Use of a hard-coded cryptographic key in Pancake versions < 4.13.29 allows an attacker to forge session cookies, which may lead to remote privilege escalation.

 
2020-08-31
Medium
CVE-2020-24115

Vendor: Online book store project
Software: Online book ...
 

 
In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access.

 
2020-08-26
Medium
CVE-2020-3446

Updating...
 

 
A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS)-bundled images for Cisco ENCS 5400-W Series and CSP 5000-W Series appliances could allow an unauthenticated, remote attacker to log into the NFVIS CLI of an affected device by using accounts that have a default, static password. The vulnerability exists because the affected software has user accounts with default, static passwords. An attacker with access to the NFVIS CLI of an affected device could exploit this vulnerability by logging into the CLI. A successful exploit could allow the attacker to access the NFVIS CLI with administrator privileges.

 
Medium
CVE-2019-4694

Vendor: IBM
Software: Guardium dat...
 

 
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 171832.

 

 


Copyright 2020, cxsecurity.com

 

Back to Top