Hardcoded credentials

2019-01-2106:29:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.7%

JSON

Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system.

CPENameOperatorVersion
viewpointeq16.20.2-b80
viewpointlt14.0

CPE	Name	Operator	Version
	viewpoint	eq	16.20.2-b80
	viewpoint	lt	14.0

References

github.com/inf0seq/inf0seq.github.io/blob/master/_posts/2019-01-20-Teradata%20Viewpoint%20Hardcoded%20Password%20Vulnerability.md

inf0seq.github.io/cve/2019/01/20/Teradata-Viewpoint-Hardcoded-Password-Vulnerability.html