167 matches found
The vulnerability of the LenelS2 NetBox access control and event monitoring system, which relies on strictly encrypted user credentials, allows a perpetrator to bypass the authentication process.
The vulnerability of the LenelS2 NetBox access control and event monitoring system lies in the use of strictly encrypted login credentials. Exploiting this vulnerability could allow a malicious actor to bypass the authentication process remotely...
The vulnerability of the SolarWinds Access Rights Manager software, which stems from the use of strictly encrypted credentials, allows a perpetrator to gain access to the RabbitMQ management console.
The vulnerability of the SolarWinds Access Rights Manager ARM lies in the use of strictly encrypted credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the RabbitMQ management console remotely...
The vulnerability of the Brocade SANnav network management software lies in the use of strictly encrypted user credentials, which allows an intruder to gain unauthorized access to protected information.
The vulnerability of the Brocade SANnav network management software is related to the use of strictly encrypted credentials. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
CVE-2024-1344
Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability allows an attacker to read and extract the username and password from the database of 'LOFservice.exe' and 'LaborOfficeFree.exe' located in the '%programfilesx86%\LaborOfficeFree' directory. This user ca...
The vulnerability of the NEXO-OS operating system in the Bosch Nexo cordless nutrunner and Bosch Nexo special cordless nutrunner tools used in production lines allows a person with improper access to increase their privileges.
The vulnerability of the NEXO-OS operating system in Bosch’s production line tools, such as the Bosch Nexo cordless nutrunner and Bosch Nexo special cordless nutrunner, is related to the use of rigidly encrypted user credentials. Exploiting this vulnerability could allow an intruder to gain...
The vulnerability of the ALEOS operating system’s debugging mode in wireless routers from Sierra Wireless—MP70, RV50x, RV55, LX40, LX60 ES450, GX450—allows a hacker to gain unauthorized access to protected information.
The vulnerability of the ALEOS operating system’s debugging mode for Sierra Wireless’ wireless routers—MP70, RV50x, RV55, LX40, LX60 ES450, GX450—is related to the use of strictly encrypted credentials. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...
The vulnerability of the software for centralized device management in Fortinet FortiManager, as well as the event monitoring and analysis tool FortiAnalyzer, arises from the use of strictly encrypted credentials. This allows a malicious individual to gain access to confidential information.
The vulnerability of the software for centralized device management in Fortinet FortiManager, as well as the event monitoring and analysis tool FortiAnalyzer, is related to the use of strictly encrypted credentials. Exploiting this vulnerability can allow an attacker to access confidential...
The vulnerability of the microprogramming software of Osprey Pump Controller allows a hacker to gain full access to the device’s web interface.
The vulnerability of the microprogrammed software of Osprey Pump Controller controllers is related to the use of rigidly encrypted credentials. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full access to the device’s web interface...
The vulnerability of the microprogramming software in real-time video viewing devices from Fujitsu’s IP series lies in the use of strictly encrypted login credentials. This allows a perpetrator to initialize or restart the device, as well as stop the transmission of videos.
The vulnerability of microprogrammed software in real-time video viewing devices from Fujitsu’s IP series is related to the use of strictly encrypted login credentials. Exploiting this vulnerability allows a remote attacker to initialize or restart the device, as well as stop the video transmissi...
The vulnerability of the D-View 8 network device management platform, which stems from the use of rigidly encrypted user credentials, allows a malicious actor to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of the D-View 8 network device management platform lies in the use of a static key during the processing of JWT tokens. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain unauthorized access to protected information...
The vulnerability of the SEL-5037 SEL Grid Configurator software in terms of creating, managing, and deploying energy systems lies in its use of rigidly encrypted credentials. This allows a malicious individual to bypass authentication processes.
The vulnerability of the SEL-5037 SEL Grid Configurator software for creating, managing, and deploying energy systems lies in the use of rigidly encrypted credentials. Exploiting this vulnerability could allow an attacker to bypass authentication processes...
The vulnerability of the FortiTester software-based diagnostic and audit tools for computer networks lies in the use of strictly encrypted credentials. This allows a malicious actor to gain unauthorized access to protected information and execute arbitrary commands.
The vulnerability of the FortiTester software for diagnosing and auditing computer networks lies in the use of strictly encrypted authentication credentials. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information and execute arbitrary commands...
The vulnerability of Fortinet’s FortiNAC and FortiNAC-F access control devices, which stems from the use of strictly encrypted login credentials, allows attackers to gain unauthorized access to protected information.
The vulnerability of the access control devices in Fortinet’s FortiNAC and FortiNAC-F systems lies in the use of strictly encrypted user credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information by executing certain commands...
Jedox 2022.4.2 - Code Execution via RPC Interfaces Vulnerability
Exploit Title: Jedox 2022.4.2 - Code Execution via RPC Interfaces Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47879 Introduction ================= A Remote...
Jedox 2020.2.5 Database Credential Disclosure
Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...
Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls
Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...
VulnCheck KEV: CVE-2023-27532
Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This...
Veeam Backup and Replication Authentication Bypass (KB4288)
The version of Veeam Backup and Replication installed on the remote Windows host is prior to 11.0.1.1261 P20230227 or 12.x prior to 12.0.0.1420 P20230223. It is, therefore, affected by authentication bypass vulnerability that allows encrypted credentials stored in the configuration database to be...
The vulnerability of the APC Easy UPS Online Monitoring Software’s software lies in its use of strictly encrypted credentials, allowing a intruder to gain unauthorized access to the target system.
The vulnerability of the APC Easy UPS Online Monitoring Software relates to the use of strictly encrypted login credentials. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to the target system...
CVE-2023-27532
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts...