8175 matches found
CVE-2023-38433
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions...
CVE-2023-38433
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions...
CVE-2023-38433
CVE-2023-38433 affects Fujitsu Real-time Video Transmission Gear IP series. The vulnerability arises from hard-coded credentials (CWE-798) that could allow a remote, unauthenticated attacker to log in and initialize or reboot devices, terminating video transmission. Affected firmware versions inc...
The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System (GMS) global network firewall management system lies in the use of cryptographic algorithms with hard-programmed keys for encryption. This allows attackers to compromise the integrity of the protected information.
The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System’s global network gateways is related to the use of cryptographic algorithms for encryption with a hard-programmed key. Exploiting this vulnerability could allow an attacker, operating...
JVN#95727578: Fujitsu Real-time Video Transmission Gear "IP series" uses a hard-coded credentials
Real-time Video Transmission Gear "IP series" provided by Fujitsu Limited uses a hard-coded credentials CWE-798 . The product's credentials for factory testing may be obtained by reverse engineering and others. Impact An attacker who log in to the web interface using the obtained credentials may...
PT-2023-5954 · Fujitsu · Ip-900D +10
Name of the Vulnerable Software and Affected Versions: Fujitsu Real-time Video Transmission Gear "IP series" versions V01L001 to V02L061 Fujitsu IP-HE950E firmware versions V01L001 to V01L053 Fujitsu IP-HE950D firmware versions V01L001 to V01L053 Fujitsu IP-HE900E firmware versions V01L001 to...
Fujitsu Real-time Video Transmission Gear IP series 信任管理问题漏洞
The Fujitsu Real-time Video Transmission Gear IP series is a real-time video transmission device from Fujitsu, Japan. A security vulnerability exists in the Fujitsu Real-time Video Transmission Gear IP series, which stems from a hard-coded credentials vulnerability. An attacker could use this...
Hard-coded System User Credentials in Folio Data Export Spring module
Impact The module creates a system user that is used to perform internal module-to-module operations. Credentials for this user are hard-coded in the source code. This makes it trivial to authenticate as this user, allowing unauthorized read access to these mod-inventory-storage records: instance...
Hard-coded System User Credentials in Folio Data Export Spring module
Impact The module creates a system user that is used to perform internal module-to-module operations. Credentials for this user are hard-coded in the source code. This makes it trivial to authenticate as this user, resulting in unauthorized access to potentially dangerous APIs, allowing to view a...
GHSA-VF78-3Q9F-92G3 Hard-coded System User Credentials in Folio Data Export Spring module
Impact The module creates a system user that is used to perform internal module-to-module operations. Credentials for this user are hard-coded in the source code. This makes it trivial to authenticate as this user, resulting in unauthorized access to potentially dangerous APIs, allowing to view a...
PT-2023-32949 · Folio · Mod-Data-Export-Spring
Name of the Vulnerable Software and Affected Versions: FOLIO mod-data-export-spring versions before 1.5.4 FOLIO mod-data-export-spring versions from 2.0.0 to 2.0.2 Description: The issue concerns hard-coded credentials in the mod-data-export-spring module, allowing unauthenticated users to access...
PT-2023-32947 · Unknown · Mod-Inventory-Storage +1
Name of the Vulnerable Software and Affected Versions: mod-remote-storage versions under 1.7.2 mod-remote-storage versions 2.0.0 through 2.0.3 Description: The issue concerns hard-coded credentials in the mod-remote-storage module, allowing unauthorized users to gain read access to...
The vulnerability of the FactoryTalk Policy Manager and FactoryTalk System Services software, related to the use of a hard-coded cryptographic key, allows attackers to escalate their privileges.
The vulnerability of the FactoryTalk Policy Manager and FactoryTalk System Services software lies in the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow attackers to enhance their privileges...
Use Of Hard-coded Credentials
gitLab is vulnerable to Use of Hard-coded Credentials. This vulnerability exists because of hardcoded passwords being set for accounts registered through omniauth in gitLab, resulting in an authentication issue...
CVE-2023-37291
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 through...
CVE-2023-37291
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 through...
CVE-2023-37291 Galaxy Software Services Vitals ESP - Use of Hard-coded Cryptographic Key
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 through...
CVE-2023-37291 Galaxy Software Services Vitals ESP - Use of Hard-coded Cryptographic Key
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 through...
CVE-2023-37291
The CVE-2023-37291 issue affects Galaxy Software Services Vitals ESP (versions 3.0.8–6.2.0) where a hard-coded encryption key enables an unauthenticated remote attacker to generate a valid token parameter and gain access to the system to operate processes and access data. This is confirmed across...
PT-2023-25889 · Galaxy Software Services · Galaxy Software Services Vitals Esp
Name of the Vulnerable Software and Affected Versions: Galaxy Software Services Vitals ESP versions 3.0.8 through 6.2.0 Description: The issue is related to the use of a hard-coded encryption key in Galaxy Software Services Vitals ESP. An unauthenticated remote attacker can generate a valid token...