CVE-2020-7501

A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic V1.1 HotFix 16 and prior and Vijeo Designer V6.2 SP9 and prior which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and Vijeo Designer...

CVE-2020-7501

CVE-2020-7501 affects Schneider Electric’s Vijeo Designer Basic (V1.1 HotFix 16 and earlier) and Vijeo Designer (V6.2 SP9 and earlier). The vulnerability is a CWE-798 hard-coded credentials issue that could enable unauthorized read and write during project or firmware download/upload operations i...

CVE-2020-7498

The CVE-2020-7498 entry concerns Schneider Electric Unity Loader and OS Loader Software (all versions) with a CWE-798 issue: the use of hard-coded credentials to simplify file transfers. This root cause means an attacker could potentially gain unauthorized access to the file transfer service used...

CVE-2020-7498

A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software all versions. The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file...

Security Bulletin: IBM Spectrum Protect Plus is vulnerable to authentication bypass (CVE-2020-4216)

Summary IBM Spectrum Protect Plus is vulnerable to authentication bypass due to use of hard-coded credentials. Vulnerability Details CVEID: CVE-2020-4216 DESCRIPTION: IBM Spectrum Protect Plus contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own...

CVE-2020-4216

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 175066...

CVE-2020-4216

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 175066...

Hardcoded credentials

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 175066...

CVE-2020-4216

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 175066...

CVE-2020-4216

CVE-2020-4216 affects IBM Spectrum Protect Plus versions 10.1.0–10.1.5 due to hard-coded credentials used for inbound authentication, outbound communication, or internal data encryption. This leads to an authentication bypass vulnerability. The IBM advisory lists a first-fix in 10.1.6 for Spectru...

IBM Spectrum Protect Plus Information Disclosure Vulnerability (CNVD-2020-33088)

IBM Spectrum Protect Plus is a suite of data protection platforms from IBM USA. The platform provides organizations with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. A security vulnerability exists in IBM...

IBM Spectrum Protect Plus Hardcoded Username And Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of IBM Spectrum Protect Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the Discovery Server service. The product...

SAP Commerce Trust Management Issue Vulnerability

SAP Commerce is a set of cloud-based e-commerce platform from Germany's SAP. This product supports sales management, marketing management, order management and operations management. A trust management issue vulnerability exists in SAP Commerce that stems from the program's use of hard-coded...

Foxit Reader and PhantomPDF DocuSign Plugin Trust Management Issues Vulnerability

Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A trust management issue exists in the DocuSign plug-in in Foxit Reader versions prior to 9.7.2 and PhantomPDF versions prior to 9.7.2. An attacker can exploit this vulnerability to obtain hard-coded...

CVE-2019-16150

Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...

CVE-2019-16150

Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-cod...

IBM Security Guardium Trust Management Issues Vulnerability

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from a trust management issue...

IBM Security Guardium Trust Management Issues Vulnerability (CNVD-2020-32647)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from a trust management issue...

Fortinet FortiClient Trust Management Issue Vulnerability

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...

Cisco 809 Industrial ISRs, 829 Industrial ISRs, and Cisco CGR1000 IOS Software Trust Management Issue Vulnerabilities

Cisco 1000 Series Connected Grid Routers CGR1000 is a 1000 Series Internet Grid Router from Cisco. A trust management issue exists in the virtual console authentication of the IOS Software in Cisco 809 Industrial ISRs, 829 Industrial ISRs, and Cisco CGR1000. The vulnerability stems from the...