Hardcoded credentials

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information...

CVE-2020-11483

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information...

CVE-2020-11483

NVIDIA DGX-1, DGX-2, and DGX A100 DGX systems are affected by CVE-2020-11483 due to hard-coded credentials in the AMI BMC firmware. The root cause is embedded credentials in the BMC firmware, which may permit elevation of privileges or information disclosure over the network. According to NVIDIA’...

Micro Focus Operations Bridge Manager diagnostics Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the product's authentication mechanism. The product contains a...

Security Bulletin: AMI Baseboard Management Controller (BMC) Firmware Vulnerabilities in NVIDIA DGX-1, DGX-2, and DGX A100 Servers - October 2020

NVIDIA has released a firmware security update for NVIDIA DGX™ servers. This update addresses security issues in the AMI Baseboard Management Controller BMC firmware that may lead to remote code execution, elevation of privileges, or information disclosure. All issues require network access to th...

B. Braun SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low and high skill level to exploit Vendor: B. Braun Melsungen AG Equipment: SpaceCom, Battery Pack SP with Wi-Fi, and Data module compactplus Vulnerabilities : Cross-site Scripting, Open Redirect, XPath Injection, Session Fixation,...

Security Bulletin: IBM Security Guardium is affected by Use of Hard-Coded Credentials vulnerabilities

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-4177 DESCRIPTION: IBM Security Guardium contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communicati...

CVE-2020-24215

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration with the cleartext admin password, and...

CVE-2020-24215

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration with the cleartext admin password, and...

CVE-2020-24215

CVE-2020-24215 affects HiSilicon-based IPTV/H.264/H.265 video encoders. The issue arises from hard-coded credentials in HTTP requests, enabling an attacker to perform any administrative task, retrieve device configurations (including the cleartext admin password), and upload firmware. This can le...

IBM Data Risk Manager Hardcoded Credentials Vulnerability

IBM Data Risk Manager is a data risk manager that helps discover, analyze and visualize business risks associated with data. A hard-coded credentials vulnerability exists in IBM Data Risk Manager 2.0.6. An attacker could exploit the vulnerability to obtain hard-coded credentials such as passwords...

Micro Focus Operations Bridge Reporter shrboadmin Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Reporter. Authentication is not required to exploit this vulnerability. The specific flaw exists within the creation of the shrboadmin user during installation. The...

CVE-2020-4622

IBM Data Risk Manager iDNA 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 184983...

CVE-2020-4622

IBM Data Risk Manager iDNA 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 184983...

Hardcoded credentials

IBM Data Risk Manager iDNA 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 184983...

CVE-2020-4622

IBM Data Risk Manager iDNA 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 184983...

CVE-2020-4622

CVE-2020-4622 : IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials (password/cryptographic key) used for its own inbound authentication, outbound communication to external components, or encryption of internal data. This could undermine authentication/crypto trust within the produ...

CVE-2020-24115

In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access...

CVE-2020-24115

In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access...

Hardcoded credentials

In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access...