CVE-2015-6456

2015-09-18T22:59:00
ID CVE-2015-6456
Type cve
Reporter cve@mitre.org
Modified 2015-09-23T18:43:00

Description

GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 have hardcoded credentials for a support account, which allows remote attackers to obtain administrative access, and consequently execute arbitrary code, by leveraging knowledge of the password. <a href="http://cwe.mitre.org/data/definitions/798.html" target="_blank">CWE-798: Use of Hard-coded Credentials</a>