The vulnerability of the MXSecurity software platform for managing security in industrial networks lies in the use of strictly encrypted credentials, which allows attackers to disclose the protected information.

The vulnerability of the MXSecurity software platform for managing security in industrial networks is related to the use of strictly encrypted user credentials. Exploiting this vulnerability could allow an attacker to disclose the protected information...

CVE-2024-7763

In WhatsUp Gold versions released before 2024.0.0, an Authentication Bypass issue exists which allows an attacker to obtain encrypted user credentials...

CVE-2024-7763

In WhatsUp Gold versions released before 2024.0.0, an Authentication Bypass issue exists which allows an attacker to obtain encrypted user credentials...

CVE-2024-7763

Summary: CVE-2024-7763 affects Progress Software WhatsUp Gold prior to 2024.0.0. The vulnerability is an authentication bypass in the getReport feature, enabling an attacker to obtain encrypted user credentials. Affected software: Progress WhatsUp Gold (versions before 2024.0.0). Root cause / vul...

WhatsUp Gold 授权问题漏洞

Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. An authorization issue vulnerability exists in WhatsUp Gold versions prior to 2024.0.0...

The vulnerability of the Kubernetes Image Builder software lies in its use of hard-coded credentials, which allows an attacker to gain access to the virtual machine.

The vulnerability of the Kubernetes Image Builder software relates to the use of strictly encrypted credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the virtual machine via SSH connection and elevate their privileges to root level...

The vulnerability of the Palo Alto Networks Expedition configuration migration tool lies in the lack of measures to neutralize special elements used in the operating system team. This allows attackers to enhance their privileges and execute arbitrary commands on the basic operating system.

The vulnerability of the Palo Alto Networks Expedition configuration migration tool lies in the lack of measures taken to neutralize special elements used in the operating system team. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary command...

The vulnerability of the Palo Alto Networks Expedition configuration migration tool, related to the disclosure of information through registration files, allows a hacker to obtain encrypted user credentials.

The vulnerability of the Palo Alto Networks Expedition configuration migration tool lies in the ability to disclose information through registration files. Exploiting this vulnerability could allow a malicious actor to obtain encrypted user credentials remotely...

The vulnerability of the Command-Line Argument Handler component of software for controlling remote connections in Devolutions Remote Desktop Manager allows a hacker to obtain encrypted user credentials.

The vulnerability of the Command-Line Argument Handler component in software for controlling remote connections in Devolutions Remote Desktop Manager is related to the disclosure of information through registration files. Exploiting this vulnerability can allow a hacker to obtain encrypted user...

The vulnerability of the SolarWinds Access Rights Manager software, which stems from the use of strictly encrypted credentials, allows a perpetrator to gain access to the RabbitMQ management console.

The vulnerability of the SolarWinds Access Rights Manager ARM lies in the use of strictly encrypted credentials. Exploiting this vulnerability could allow a malicious actor to gain access to the RabbitMQ management console remotely...

The vulnerability of microprogrammed software in Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Vonets Industrial WiFi Bridge Relays and WiFi Bridge Repeaters exists due to the presence of rigidly encrypted credentials in the application code. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

PT-2024-8750 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1 Description: The issue is related to insufficient restriction of authentication attempts, allowing a remote attacker to obtain encrypted user credentials. The affected application does n...

The vulnerability of the Brocade SANnav network management software, which stems from the use of strictly encrypted credentials, allows a hacker to perform a Man-in-the-Middle attack and decrypt SSH traffic.

The vulnerability of the Brocade SANnav network management software is related to the use of strictly encrypted authentication credentials. Exploiting this vulnerability allows a remote attacker to perform a Man-in-the-Middle MITM attack and decrypt SSH traffic...

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App, related to the disclosure of information through registration files, allows a hacker to obtain encrypted user credentials.

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to the disclosure of information through registration files. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain encrypted use...

CVE-2024-5908

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting...

CVE-2024-5908

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting...

CVE-2024-5908 GlobalProtect App: Encrypted Credential Exposure via Log Files

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting...

GlobalProtect App: Encrypted Credential Exposure via Log Files

A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application logs are only viewable by local users and are included when generating logs for troubleshooting...

Palo Alto Networks GlobalProtect Security Breach

Palo Alto Networks GlobalProtect is a suite of network protection software from Palo Alto Networks, USA. The software provides features such as firewall monitoring and threat prevention. A security vulnerability exists in Palo Alto Networks GlobalProtect, which arises from the fact that encrypted...

PT-2024-4211 · Palo Alto Networks · Palo Alto Networks Globalprotect

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect App affected versions not specified Description: A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in applicati...