82 matches found
Default credentials
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM SEC-549...
CVE-2020-26101
The CVE-2020-26101 affects cPanel prior to 88.0.3, where insecure RNDC credentials are used for BIND on a templated VM (SEC-549). The issue is documented across multiple sources (NVD entry for CVE-2020-26101 and related CNVD/CVE records). Affected software: cPanel
CVE-2020-26105
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554). The vulnerability affects cPanel releases prior to 88.0.3 involving chkservd credential handling on templated VMs. Root cause is insecure test credentials being used in the chkservd process; explicit...
CVE-2020-10755
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleI...
CVE-2020-10755
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleI...
Default credentials
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleI...
PYSEC-2020-228
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleI...
CVE-2020-10755
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleI...
py39-cinder -- insecure-credentials flaw
OpenStack project reports: An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cind...
CVE-2020-10755
An insecure-credentials flaw was found in openstack-cinder. When using openstack-cinder with the Dell EMC ScaleIO or VxFlex OS backend storage driver, credentials for the entire backend are exposed in the connectioninfo element in all Block Storage v3 Attachments API calls containing that element...
Top Echelon Software: able to login into login.topechelon.com
The support login for our administrative account was using insecure credentials, allowing access to our administrative account. These credentials are not used, so we chose to deactivate the login to prevent access...
Cisco AMP Threat Grid Cloud and AMP Threat Grid Appliance software trust management issue vulnerability
Cisco AMP Threat Grid Cloud and AMP Threat Grid Appliance software are both products of Cisco, Inc. The Cisco AMP Threat Grid Cloud is a cloud-based malware and threat intelligence analysis solution. Grid Appliance software is an on-device malware analysis solution. Cisco AMP Threat Grid Cloud an...
CVE-2019-1657 Cisco AMP Threat Grid API Key Information Disclosure Vulnerability
A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to unsafe creation of API keys. An attacker could exploit this vulnerability by using insecure credentials to gain unauthorized access to the affected...
CVE-2019-1657 Cisco AMP Threat Grid API Key Information Disclosure Vulnerability
A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to unsafe creation of API keys. An attacker could exploit this vulnerability by using insecure credentials to gain unauthorized access to the affected...
Multiple PDQ Products Privilege Acquisition Vulnerabilities (CNVD-2017-23005)
PDQ Manufacturing LaserWash G5 and others are automotive automatic cleaning equipment from PDQ Manufacturing USA. A security vulnerability exists in several PDQ products due to the program failing to pass usernames and passwords in a secure manner. An attacker could exploit the vulnerability to...
CVE-2017-6686
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76699. Known...
Cisco Ultra Services Framework Staging Server Insecure Default Credentials Vulnerability
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device. The vulnerability is due to weak, hard-coded credentials of the admin user present on the affecte...
Tollgrade SmartGrid Sensor Management System Software Vulnerabilities
OVERVIEW Independent researcher Maxim Rupp has identified vulnerabilities in Tollgrade Communications, Inc.’s SmartGrid LightHouse Sensor Management System SMS Software EMS. Tollgrade Communications, Inc. has produced an update to mitigate these vulnerabilities. Maxim Rupp has tested the update t...
Intellian Satellite TV t-Series and v-Series firmware contains insecure default credentials
Overview Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses default credentials. Description CWE-255: Credentials Management- CVE-2016-6551Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses non-random default credentials of: ftp/ftp ...
Cisco EPC3925 UPC Insecure Default Password Vulnerability
The Cisco EPC3925 is a home router device. An insecure default password vulnerability exists in the Cisco EPC3925 UPC. A remote attacker with knowledge of the default credentials could exploit this vulnerability to gain unauthorized access and perform unauthorized actions...