167 matches found

BDU FSTEC
added 2024/06/07 12:00 a.m., 4 views

A vulnerability in the LenelS2 NetBox access control and event monitoring system, caused by the use of hard-coded user credentials, allows an attacker to bypass authentication.

The vulnerability in the LenelS2 NetBox access control and event monitoring system is caused by the use of hard-coded login credentials. Exploiting this vulnerability could allow a remote attacker to bypass authentication...

CVSS: 10, AI score: 5.4, EPSS: 0.00505
Exploits: 0, References: 5, Affected Software: 1
BDU FSTEC
added 2024/06/03 12:00 a.m., 4 views

A vulnerability in the SolarWinds Access Rights Manager software, caused by the use of hard-coded credentials, allows an attacker to gain access to the RabbitMQ management console.

The vulnerability in SolarWinds Access Rights Manager (ARM) is caused by the use of hard-coded credentials. Exploiting this vulnerability could allow a remote attacker to gain access to the RabbitMQ management console...

CVSS: 9, AI score: 7.5, EPSS: 0.01073
Exploits: 0, References: 7, Affected Software: 1
BDU FSTEC
added 2024/05/17 12:00 a.m., 4 views

A vulnerability in the Brocade SANnav network management software, caused by the use of hard-coded user credentials, allows an attacker to gain unauthorized access to protected information.

The vulnerability in the Brocade SANnav network management software is related to the use of hard-coded credentials. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVSS: 1.9, AI score: 5.8, EPSS: 0.0016
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2024/02/19 12:15 p.m., 3 views

CVE-2024-1344

Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability allows an attacker to read and extract the username and password from the database of 'LOFservice.exe' and 'LaborOfficeFree.exe' located in the '%programfilesx86%\LaborOfficeFree' directory. This user ca...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00305
Exploits: 0, References: 1
BDU FSTEC
added 2024/02/06 12:00 a.m., 6 views

A vulnerability in the NEXO-OS operating system of the Bosch Nexo cordless nutrunner and Bosch Nexo special cordless nutrunner production line tools allows an attacker to escalate their privileges.

The vulnerability in the NEXO-OS operating system of Bosch’s production line tools, such as the Bosch Nexo cordless nutrunner and Bosch Nexo special cordless nutrunner, is related to the use of hard-coded user credentials. Exploiting this vulnerability could allow an intruder to gain...

CVSS: 8.1, AI score: 7.7, EPSS: 0.00575
Exploits: 0, References: 2, Affected Software: 1
BDU FSTEC
added 2023/12/11 12:00 a.m., 4 views

A vulnerability in the debugging mode of the ALEOS operating system on Sierra Wireless wireless routers (MP70, RV50x, RV55, LX40, LX60 ES450, GX450) allows an attacker to gain unauthorized access to protected information.

The vulnerability in the debugging mode of the ALEOS operating system on Sierra Wireless wireless routers (MP70, RV50x, RV55, LX40, LX60 ES450, GX450) is related to the use of hard-coded credentials. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

CVSS: 8.1, AI score: 7.1, EPSS: 0.00631
Exploits: 0, References: 4, Affected Software: 1
BDU FSTEC
added 2023/12/06 12:00 a.m., 5 views

A vulnerability in the Fortinet FortiManager centralized device management software and the FortiAnalyzer event monitoring and analysis tool, caused by the use of hard-coded credentials, allows an attacker to gain access to confidential information.

The vulnerability in the Fortinet FortiManager centralized device management software and the FortiAnalyzer event monitoring and analysis tool is related to the use of hard-coded credentials. Exploiting this vulnerability can allow an attacker to access confidential...

CVSS: 5.5, AI score: 5.9, EPSS: 0.00195
Exploits: 0, References: 3, Affected Software: 2
BDU FSTEC
added 2023/11/27 12:00 a.m., 7 views

A vulnerability in the Osprey Pump Controller firmware allows an attacker to gain full access to the device’s web interface.

The vulnerability in the Osprey Pump Controller firmware is related to the use of hard-coded credentials. Exploiting this vulnerability could allow a remote attacker to gain full access to the device’s web interface...

CVSS: 10, AI score: 7.8, EPSS: 0.00771
Exploits: 1, References: 2, Affected Software: 1
BDU FSTEC
added 2023/10/13 12:00 a.m., 5 views

A vulnerability in the firmware of real-time video viewing devices from Fujitsu’s IP series, caused by the use of hard-coded login credentials, allows an attacker to initialize or restart the device, as well as stop the transmission of videos.

The vulnerability in the firmware of real-time video viewing devices from Fujitsu’s IP series is related to the use of hard-coded login credentials. Exploiting this vulnerability allows a remote attacker to initialize or restart the device, as well as stop the video transmissi...

CVSS: 7.8, AI score: 6.7, EPSS: 0.0299
Exploits: 0, References: 3, Affected Software: 11
BDU FSTEC
added 2023/09/25 12:00 a.m., 8 views

A vulnerability in the D-View 8 network device management platform, caused by the use of hard-coded user credentials, allows an attacker to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability in the D-View 8 network device management platform lies in the use of a static key during the processing of JWT tokens. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain unauthorized access to protected information...

CVSS: 10, AI score: 7.2, EPSS: 0.67914
Exploits: 1, References: 3, Affected Software: 1
BDU FSTEC
added 2023/09/19 12:00 a.m., 4 views

A vulnerability in the SEL-5037 SEL Grid Configurator software for creating, managing, and deploying energy systems, caused by the use of hard-coded credentials, allows an attacker to bypass authentication.

The vulnerability in the SEL-5037 SEL Grid Configurator software for creating, managing, and deploying energy systems lies in the use of hard-coded credentials. Exploiting this vulnerability could allow an attacker to bypass authentication...

CVSS: 8.4, AI score: 7.5, EPSS: 0.00199
Exploits: 0, References: 3, Affected Software: 1
BDU FSTEC
added 2023/09/19 12:00 a.m., 4 views

A vulnerability in the FortiTester software for diagnosing and auditing computer networks, caused by the use of hard-coded credentials, allows an attacker to gain unauthorized access to protected information and execute arbitrary commands.

The vulnerability in the FortiTester software for diagnosing and auditing computer networks lies in the use of hard-coded authentication credentials. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information and execute arbitrary commands...

CVSS: 7.8, AI score: 7.5, EPSS: 0.00191
Exploits: 0, References: 4, Affected Software: 1
BDU FSTEC
added 2023/05/17 12:00 a.m., 7 views

A vulnerability in Fortinet’s FortiNAC and FortiNAC-F access control devices, caused by the use of hard-coded login credentials, allows attackers to gain unauthorized access to protected information.

The vulnerability in Fortinet’s FortiNAC and FortiNAC-F access control devices lies in the use of hard-coded user credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information by executing certain commands...

CVSS: 6.8, AI score: 7.2, EPSS: 0.00164
Exploits: 0, References: 2, Affected Software: 2
0day.today
added 2023/05/05 12:00 a.m., 230 views

Jedox 2022.4.2 - Code Execution via RPC Interfaces Vulnerability

Exploit Title: Jedox 2022.4.2 - Code Execution via RPC Interfaces Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47879 Introduction ================= A Remote...

CVSS: 7.5, AI score: 7.6, EPSS: 0.06741
Exploits: 7
Packet Storm
added 2023/05/05 12:00 a.m., 320 views

Jedox 2020.2.5 Database Credential Disclosure

Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...

AI score: 7.1, EPSS: 0.22724
Exploits: 8
Exploit DB
added 2023/05/05 12:00 a.m., 318 views

Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls

Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...

CVSS: 7.5, AI score: 7, EPSS: 0.22724
Exploits: 8
VulnCheck KEV
added 2023/04/26 12:00 a.m., 5 views

VulnCheck KEV: CVE-2023-27532

Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This...

CVSS: 7.5, AI score: 7.3, EPSS: 0.7761
Exploits: 4, References: 1
Tenable Nessus
added 2023/03/24 12:00 a.m., 98 views

Veeam Backup and Replication Authentication Bypass (KB4288)

The version of Veeam Backup and Replication installed on the remote Windows host is prior to 11.0.1.1261 P20230227 or 12.x prior to 12.0.0.1420 P20230223. It is, therefore, affected by an authentication bypass vulnerability that allows encrypted credentials stored in the configuration database to be...

CVSS: 7.5, AI score: 8.4, EPSS: 0.7761
Exploits: 4, References: 2
BDU FSTEC
added 2023/03/11 12:00 a.m., 5 views

A vulnerability in the APC Easy UPS Online Monitoring Software, caused by the use of hard-coded credentials, allows an intruder to gain unauthorized access to the target system.

The vulnerability in the APC Easy UPS Online Monitoring Software relates to the use of hard-coded login credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the target system...

CVSS: 7.8, AI score: 7.2, EPSS: 0.00163
Exploits: 0, References: 6, Affected Software: 2
NVD
added 2023/03/10 10:15 p.m., 21 views

CVE-2023-27532

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts...

CVSS: 7.5, AI score: 7.5, EPSS: 0.7761
Exploits: 4, References: 2