Lucene search
+L

187 matches found

Zero Day Initiative
Zero Day Initiative
added 2023/05/24 12:0 a.m.19 views

D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TokenUtils class. The issue results from a hard-coded cryptographic key. An attacker ca...

9.8CVSS6.9AI score0.56064EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/05/08 12:0 a.m.39 views

JVN#13306058: JINS MEME CORE uses a hard-coded cryptographic key

JINS MEME CORE provided by JINS Inc. is a nose pad type sensor attached to a glass frame. JINS MEME CORE uses a hard-coded cryptographic key CWE-321. Impact A network-adjacent attacker may decrypt data acquired by a sensor of the affected product. Solution Update the firmware Update the firmware ...

6.5CVSS6.4AI score0.00279EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.19 views

Siemens SCALANCE X Switches Use of Hard-Coded Cryptographic Key (CVE-2020-28395)

A vulnerability has been identified in SCALANCE X-200RNA switch family All versions V3.2.7, SCALANCE X-300 switch family incl. X408 and SIPLUS NET variants All versions V4.1.0. Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a...

5.9CVSS6.8AI score0.01176EPSS
Exploits0References3
ICS
ICS
added 2023/03/29 6:39 p.m.82 views

Akuvox E11

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Akuvox Equipment: E11 Vulnerabilities: Generation of Predictable IV with CBC, User of Hard-coded Cryptographic Key, Missing Authentication for Critical Function, Storing Passwords in a Recoverable...

9.8CVSS8.8AI score0.01335EPSS
Exploits0References5
Rapid7 Blog
Rapid7 Blog
added 2023/03/21 6:54 p.m.75 views

CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures

While using the popular self-hosted web administration solution, CloudPanel from MGT-COMMERCE, Rapid7 researcher Tod Beardsley discovered three security concerns. The first, an issue involving the trustworthiness of the installation script provided by the vendor, was an instance of CWE-494:...

7.8AI score0.00599EPSS
Exploits1
CVE
CVE
added 2023/03/13 7:57 p.m.60 views

CVE-2023-0355

CVE-2023-0355 affects the Akuvox E11 doorbell camera. The vulnerability is described as the use of a hard-coded cryptographic key , which could allow an attacker to decrypt sensitive information. The CVE entry does not provide exploit details. The related ics advisory (IcsA-23-068-01) characteriz...

7.5CVSS7AI score0.00534EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/01/18 7:15 a.m.16 views

CVE-2022-34442

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges...

9.8CVSS8.4AI score0.00419EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/18 6:54 a.m.7 views

CVE-2022-34442

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges...

8CVSS8.5AI score0.00419EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/18 6:54 a.m.22 views

CVE-2022-34442

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain LDAP user privileges...

8CVSS9.6AI score0.00419EPSS
Exploits0References1
NVD
NVD
added 2023/01/11 10:15 a.m.15 views

CVE-2022-34441

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges...

9.8CVSS8.4AI score0.00472EPSS
Exploits0References1
NVD
NVD
added 2023/01/11 9:15 a.m.19 views

CVE-2022-34440

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges...

9.8CVSS9AI score0.00472EPSS
Exploits0References1
Prion
Prion
added 2023/01/11 9:15 a.m.14 views

Hardcoded credentials

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges...

7.5CVSS9.4AI score0.00472EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/01/11 9:3 a.m.56 views

CVE-2022-34441

Dell EMC SCG Policy Manager (Dell EMC SCG Policy Manager) vulnerable versions 5.10–5.12 due to a hard-coded cryptographic key that could allow an attacker with knowledge of the key to log in and obtain admin privileges. Root cause: hard-coded sensitive information in the product. Affected product...

9.8CVSS9.3AI score0.00472EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/11 9:3 a.m.24 views

CVE-2022-34441

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges...

8CVSS9.6AI score0.00472EPSS
Exploits0References1
CVE
CVE
added 2023/01/11 8:23 a.m.45 views

CVE-2022-34440

The CVE-2022-34440 entry concerns Dell EMC SCG Policy Manager versions 5.10–5.12 that contain a hard-coded cryptographic key. The root cause is a hard-coded key enabling an attacker who knows the key to log in with admin privileges. Product: Dell EMC SCG Policy Manager (versions 5.10–5.12). Impac...

9.8CVSS9.3AI score0.00472EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/11 8:23 a.m.24 views

CVE-2022-34440

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contains a contain a Hard-coded Cryptographic Key vulnerability. An attacker with the knowledge of the hard-coded sensitive information, could potentially exploit this vulnerability to login to the system to gain admin privileges...

8.4CVSS9.6AI score0.00472EPSS
Exploits0References1
ICS
ICS
added 2023/01/05 12:0 a.m.37 views

Hitachi Energy UNEM

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: UNEM Vulnerabilities: Inadequate Encryption Strength, Use of Hard-coded Cryptographic Key, Cleartext Transmission of Sensitive Information. 2. RISK EVALUATION Successful...

9.8CVSS7.4AI score0.00569EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/27 12:0 a.m.6 views

CVE-2022-45425

Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability...

6.9AI score0.0053EPSS
Exploits0References1
ICS
ICS
added 2022/12/05 7:0 a.m.264 views

Mitsubishi Electric FA Engineering Software (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GX Works3, MX OPC UA Module Configurator-R Vulnerabilities: Cleartext Storage of Sensitive Information, Use of Hard-coded Password, Insufficiently Protected Credentials,...

9.1CVSS8.7AI score0.0129EPSS
Exploits0References11
ICS
ICS
added 2022/12/01 12:0 a.m.59 views

Horner Automation Remote Compact Controller

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Horner Automation Equipment: Remote Compact Controller RCC 972 Vulnerabilities: Inadequate Encryption Strength, Use of Hard-coded Cryptographic Key, Excessive Reliance on Global Variables 2. RISK...

9.8CVSS8.9AI score0.00639EPSS
Exploits0References5
Rows per page
Query Builder