(0Day) Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

PT-2023-30577 · Ibm · Ibm Security Guardium Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Key Lifecycle Manager version 4.2 IBM Security Guardium Key Lifecycle Manager version 4.3 Description: The issue concerns the presence of plain text hard-coded credentials or other secrets in the source code repository o...

IBM Security Guardium Trust Management Issues Vulnerabilities

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as customized UI, report management and streamlined audit process building. A trust management issue vulnerability exists in IBM...

PT-2023-9163 · Ibm · Ibm Storage Fusion Hci

Name of the Vulnerable Software and Affected Versions: IBM Storage Fusion HCI versions 2.1.0 through 2.6.1 Description: The issue concerns the use of hard-coded credentials, such as a password or cryptographic key, which the software uses for its own inbound authentication, outbound communication...

CVE-2023-48388

Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service...

CVE-2023-48388

Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service...

Hardcoded credentials

Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service...

CVE-2023-48388

CVE-2023-48388 affects Multisuns EasyLog web+ and centers on use of hard-coded credentials. The available connected sources confirm a remote, network-exposed vulnerability allowing an attacker to gain access and perform arbitrary system operations or disrupt service, with CVSS 3.1 vector: AV:N/AC...

CVE-2023-48374

SmartStar Software CWS is a web-base integration platform, it has a vulnerability of using a hard-coded for a specific account with low privilege. An unauthenticated remote attacker can exploit this vulnerability to run partial processes and obtain partial information, but can't disrupt service o...

CVE-2023-48374 SmartStar Software CWS Web-Base - Use of Hard-coded Credentials

SmartStar Software CWS is a web-base integration platform, it has a vulnerability of using a hard-coded for a specific account with low privilege. An unauthenticated remote attacker can exploit this vulnerability to run partial processes and obtain partial information, but can't disrupt service o...

Multisuns EasyLog web+ Security Vulnerability

Multisuns EasyLog web+ is an unattended multi-loop digital telephone recording system from China Huading Multisuns. A security vulnerability exists in Multisuns EasyLog web+ v1.13.2.8, which stems from the use of hard-coded credentials, and can be exploited by remote attackers to gain access to t...

CVE-2023-36651

Hidden and hard-coded credentials in ProLion CryptoSpike 3.0.15P2 allow remote attackers to login to web management as super-admin and consume the most privileged REST API endpoints via these credentials...

CVE-2023-36651

Hidden and hard-coded credentials in ProLion CryptoSpike 3.0.15P2 allow remote attackers to login to web management as super-admin and consume the most privileged REST API endpoints via these credentials...

CVE-2023-36651

Hidden and hard-coded credentials in ProLion CryptoSpike 3.0.15P2 allow remote attackers to login to web management as super-admin and consume the most privileged REST API endpoints via these credentials...

CVE-2023-36651

Summary: CVE-2023-36651 affects ProLion CryptoSpike 3.0.15P2. The issue arises from hidden and hard-coded credentials that let remote attackers log in to web management as super-admin and access the most privileged REST API endpoints. The available sources consistently describe the vulnerability ...

ProLion CryptoSpike Security Vulnerability

ProLion CryptoSpike is ProLion's solution for detecting and combating suspicious activity. A security vulnerability exists in ProLion CryptoSpike version 3.0.15P2 that stems from hidden and hard-coded credentials...

PT-2023-25655 · Prolion · Prolion Cryptospike

Name of the Vulnerable Software and Affected Versions: ProLion CryptoSpike version 3.0.15P2 Description: The issue concerns hidden and hard-coded credentials in the software, allowing remote attackers to login to web management as a super-admin. This access enables the consumption of the most...

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by First Failure Data Capture (FFDC) information disclosure (CVE-2018-9068)

Summary IBM Integrated Management Module II IMM2 has addressed the following First Failure Data Capture FFDC information disclosure vulnerability. Vulnerability Details CVEID: CVE-2018-9068 DESCRIPTION: Lenovo Integrated Management Module 2 IMM2 contains hard-coded credentials to access the SFTP...

PT-2023-31121 · Peplink · Peplink Balance Two

Name of the Vulnerable Software and Affected Versions: Peplink Balance Two versions prior to 8.4.0 Description: An issue was discovered in Peplink Balance Two where console port authentication uses hard-coded credentials. This allows an attacker with physical access and sufficient knowledge to...

CVE-2023-40463 Use of Hard-Coded Credentials

When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and earlier store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access...