3819 matches found
mod-remote-storage Trust Management Issue Vulnerability
mod-remote-storage is a FOLIO open source backend module for remote storage. A security vulnerability exists in mod-remote-storage versions prior to 1.7.2 and versions 2.0.0 through 2.0.3, which stems from the use of hard-coded credentials. An attacker can exploit the vulnerability to read access...
mod-data-export-spring Trust Management Issues Vulnerability
mod-data-export-spring is a FOLIO open source API for data export Spring modules. A security vulnerability exists in mod-data-export-spring versions prior to 1.5.4, 2.0.0 through 2.0.2, which stems from the use of hard-coded credentials...
Use Of Hard-Coded Credentials
@evershop/evershop is vulnerable to the Use Of Hard-Coded Credentials. The vulnerability is due to the exposure of a weak HMAC secret. Attackers can use the predictable secret to create valid JSON Web Tokens JWT, which allows them access to sensitive information...
Rapid Software Rapid SCADA Trust Management Issue Vulnerability
Rapid Software Rapid SCADA is an open source industrial automation platform from Rapid Software. Rapid Software Rapid SCADA 5.8.4 and prior versions have a trust management issue vulnerability that stems from the use of hard-coded credentials, which allows an attacker to connect to a specific por...
Rapid Software LLC Rapid SCADA
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely, low attack complexity Vendor: Rapid Software LLC Equipment: Rapid SCADA Vulnerabilities: Path Traversal, Relative Path Traversal, Local Privilege Escalation through Incorrect Permission Assignment for Critical Resource,...
PT-2024-1449 · Unknown · Rapid Scada
Name of the Vulnerable Software and Affected Versions: Rapid SCADA versions prior to 5.8.4 Description: The issue is related to the use of hard-coded credentials in the SCADA system. This could allow a remote attacker to gain full control over the system by connecting to a specific port...
CVE-2023-50948
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671...
CVE-2023-50948
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671...
CVE-2023-50948 IBM Storage Fusion HCI information disclosure
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671...
CVE-2023-50948 IBM Storage Fusion HCI information disclosure
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671...
CVE-2023-50948
IBM Storage Fusion HCI 2.1.0–2.6.1 contains hard-coded credentials used for its own inbound authentication, outbound communication to external components, or encryption of internal data. Root cause is hard-coded credentials in versions 2.1.0–2.6.1. Impact as described: potential exposure of confi...
IBM Storage Fusion Security Vulnerability
IBM Storage Fusion is a fully integrated platform from International Business Machines IBM for running and maintaining all native Red Hat OpenShift applications. A security vulnerability exists in IBM Storage Fusion HCI versions 2.1.0 through 2.6.1, which stems from the system containing hard-cod...
PT-2024-1495 · Bosch · Nexo-Os
Name of the Vulnerable Software and Affected Versions: NEXO-OS affected versions not specified Description: The issue allows a remote attacker to authenticate to the web application with high privileges through multiple hidden hard-coded accounts. This can enable the attacker to gain unauthorized...
Security Bulletin: IBM Storage Fusion HCI uses hard-coded credentials for its own authentication with Active File Management (CVE-2023-50948)
Summary IBM Storage Fusion HCI uses default credentials for Active File Management AFM authentication. Vulnerability Details CVEID:CVE-2023-50948 DESCRIPTION: IBM Storage Fusion HCI contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound...
CVE-2023-49228
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...
CVE-2023-49228
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...
CVE-2023-49228
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses hard-coded credentials, which allows an attacker with physical access and sufficient knowledge to execute arbitrary commands as root...
Peplink Balance Security Breach
Peplink Balance is a router from Peplink. A security vulnerability exists in Peplink Balance Two versions prior to 8.4.0, which stems from the use of hard-coded credentials for Console port authentication, allowing an attacker to execute arbitrary commands as root...
CVE-2023-49228
Peplink Balance Two before 8.4.0 is affected. The vulnerability is in the console port authentication which uses hard-coded credentials, enabling a physically proximate attacker to execute arbitrary commands as root. Remediation: upgrade to version 8.4.0 or later; as a workaround, restrict physic...
CVE-2023-47704
IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220...