CVE-2022-34440

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges...

CVE-2022-34441

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges...

CVE-2022-34440

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges...

Dell EMC Secure Connect Gateway 信任管理问题漏洞

Dell EMC Secure Connect Gateway Dell Emc Scg is a type of secure connectivity gateway from Dell USA. A security vulnerability exists in Dell EMC SCG Policy Manager versions 5.10 through 5.12, which originates from an attacker being able to log in to the system with a hard-coded encryption key to...

Dell EMC Secure Connect Gateway 信任管理问题漏洞

Dell EMC Secure Connect Gateway Dell Emc Scg is a type of secure connectivity gateway from Dell USA. A security vulnerability exists in Dell EMC SCG Policy Manager versions 5.10 through 5.12, which originates from an attacker being able to log in to the system with a hard-coded encryption key to...

Hitachi Energy FOXMAN-UN

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: FOXMAN-UN Vulnerabilities: Inadequate Encryption Strength, Use of Default Cryptographic Key, Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive...

PT-2023-18515 · Kubepi · Kubepi

Name of the Vulnerable Software and Affected Versions: KubePi versions prior to 1.6.3 Description: The jwt authentication function of KubePi uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the...

CVE-2022-45425

Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability...

CVE-2022-2660

Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine...

Exploit for Use of Hard-coded Cryptographic Key in Apache Aurora

This repository is an open-source project called "Attack-Defense ThinkTank" openKylin, which is a community-driven platform for sharing knowledge and research on attack and defense techniques. The project is hosted on Gitee, a Chinese version of GitHub. The repository contains various articles an...

CVE-2022-29829

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.090U, GT Designer3 Version1 GOT2000 versions from 1.122C to 1.290C, Motion Control SettingGX Works3 related software versions from 1.035M to 1.042U, and MT Works2 versions from 1.100E to...

CVE-2022-29830

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z, and Motion Control SettingGX Works3 related software versions from 1.000A to 1.065T allows a remote unauthenticated attacker to disclose or tamper with sensitive information. As a...

CVE-2022-29828

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project file or execute programs illegally...

CVE-2022-29827

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally...

CVE-2022-29827

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally...

PT-2022-19860 · Mitsubishi · Gx Works3 +2

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric GX Works3 versions 1.000A through 1.090U GT Designer3 Version1 GOT2000 versions 1.122C through 1.290C Motion Control Setting GX Works3 related software versions 1.035M through 1.042U Description: The issue allows a remote...

Dell PowerPath Management Appliance 信任管理问题漏洞

Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. A security vulnerability exists in the Dell PowerPath Management Appliance version 3.3, all versions 3.2,...

The vulnerability in the web interface for managing the Cisco AsyncOS operating system of the Cisco Email Security Appliance (ESA) security email system, the Cisco Secure Email and Web Manager content protection device, and the Cisco Secure Web Appliance (formerly Cisco Web Security Appliance (WSA)) web gateway allows a perpetrator to enhance their privileges.

The vulnerability in the web interface for managing the Cisco AsyncOS operating system of the Cisco Email Security Appliance ESA, the Cisco Secure Email and Web Manager, and the Cisco Secure Web Appliance formerly Cisco Web Security Appliance WSA relates to the use of a hard-coded cryptographic...

PT-2022-6358 · Dell Emc · Dell Emc Scg Policy Manager

Name of the Vulnerable Software and Affected Versions: Dell EMC SCG Policy Manager versions 5.10 through 5.12 Description: The issue is related to the use of a hard-coded cryptographic key in the Policy Manager software of Dell Secure Connect Gateway SCG. An attacker with knowledge of the...

PT-2022-6348 · Dell Emc · Dell Emc Scg Policy Manager

Name of the Vulnerable Software and Affected Versions: Dell EMC SCG Policy Manager versions 5.10 through 5.12 Description: The issue is related to a Hard-coded Cryptographic Key, which could allow an attacker with knowledge of the hard-coded sensitive information to potentially exploit this...