CloudBees Jenkins Open STF Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Open STF Plugin is used in one of the STF...

cPanel Trust Management Issues Vulnerability (CNVD-2019-29006)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A trust management issue vulnerability exists in versions prior to cPanel 55.9999.141. The vulnerability stems from the lack of a...

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Johnson Controls Equipment: Metasys Vulnerabilities: Reusing a Nonce, Key Pair in Encryption; Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of these vulnerabilities could be leveraged by an...

CloudBees Jenkins Codefresh Integration Plugin Authorization Issues Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . An authorization issue vulnerability exists in CloudBees Jenkins Codefresh Integration Plugin, which can be exploited by an attacker to attack affected components...

Security Bulletin: IBM Secure Gateway is affected by two vulnerabilities

Summary Secure Gateway has addressed the following vulnerabilities: CVE-2019-4498 CVE-2019-4499 Vulnerability Details CVEID: CVE-2019-4498 DESCRIPTION: IBM Secure Gateway Service uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive informatio...

FortiRecorder sets credentials of FortiCameras to static values

An Use of Hard-coded Credentials vulnerability in FortiRecorder may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device...

Neet AirStream NAS 1.1 Trust Management Issue Vulnerability

The Neet AirStream NAS1.1 is a wireless audio receiver. A vulnerability with trust management issues exists in Neet AirStream NAS1.1. The vulnerability stems from the lack of an effective trust management mechanism in the network system or product. An attacker can exploit default passwords or...

cPanel Trust Management Issues Vulnerability (CNVD-2019-29627)

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A vulnerability with trust management issues exists in versions prior to cPanel 62.0.4. The vulnerability stems from the...

Puzzling Gwmndy Botnet Focuses on Low-Volume Proxy Connections

An odd botnet has been spotted targeting Fiberhome routers, in a quest to add 200 of them per day to its botnet web. That’s a low number in the world of botnets, according to 360 Netlab researchers, which observed a previously unknown malware strain called Gwmndy after the attackers’ domain name...

AKUVOX NETWORKS R50P VoIP phone Trust Management Issue Vulnerability

AKUVOX NETWORKS R50P VoIP phone is an IP phone from AKUVOX NETWORKS, China. A trust management issue vulnerability exists in AKUVOX NETWORKS R50P VoIP phone version 50.0.6.156, which arises from the lack of an effective trust management mechanism in a networked system or product, and can be...

Infinova Swann SWWHD-INTCAM-HD Trust Management Issues Vulnerability

The Infinova Swann SWWHD-INTCAM-HD is a webcam from Infinova USA. A vulnerability with trust management issues exists in the Infinova Swann SWWHD-INTCAM-HD device. The vulnerability stems from the lack of an effective trust management mechanism in the network system or product. An attacker can...

Multiple AudioCodes Products Trust Management Issue Vulnerabilities

AudioCodes Mediant 500L-MSBR and so on are products of AudioCodes Israel.AudioCodes Mediant 500L-MSBR is a 500L series all-in-one SOHO/SMB router.AudioCodes Mediant 500-MSBR is a 500 The AudioCodes Mediant 500-MSBR is a 500L series all-in-one SOHO/SMB router. A trust management issue vulnerabilit...

helm trust management issue vulnerability

helm is a Kubernetes package manager. A trust management issue vulnerability exists in versions of helm prior to 2.7.2. The vulnerability stems from the lack of an effective trust management mechanism in a networked system or product. An attacker can leverage default passwords or hard-coded...

SUSE-SU-2019:1847-1 Security update for xrdp

This update for xrdp fixes the following issues: These security issues were fixed: - CVE-2013-1430: When successfully logging in using RDP into an xrdp session, the file /.vnc/sesman$usernamepasswd was created. Its content was the equivalent of the user's cleartext password, DES encrypted with a...

Dynacolor FCM-MB40 Trust Management Issues Vulnerability

Dynacolor FCM-MB40 is an IP camera from Dynacolor, Taiwan, China. A trust management issue vulnerability exists in the Dynacolor FCM-MB40 v1.2.0.0. The vulnerability stems from the lack of an effective trust management mechanism in the network system or product. An attacker can exploit default...

Odoo Trust Management Issues Vulnerabilities

Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in Python language, PostgreSQL as the database, and includes modules for sales management, inventory management, financial management and so on. A trust managemen...

CVE-2019-13399

Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that is used during an administrator's SSL conversation...

CVE-2019-13352

CVE-2019-13352 affects WolfVision Cynap prior to version 1.30j. The vulnerability arises from a static, hard-coded cryptographic secret used to generate support PINs for the forgotten-password feature, enabling an attacker who knows the secret and the calculation method to reset the ADMIN passwor...

WolfVision Cynap 1.18g / 1.28j Hardcoded Credential

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2019-021 Product: Cynap Manufacturer: WolfVision Affected Versions: 1.18g, 1.28j Tested Versions: 1.18g, 1.28j Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-321 Risk Level: High Solution Status: Fixed Manufacturer...

CVE-2019-7261

Linear eMerge E3-Series devices have Hard-coded Credentials...