Security Bulletin: Authentication Bypass, Arbitrary Directory Deletion, and Command Injection vulnerabilities in IBM Spectrum Protect Plus (CVE-2020-4208, CVE-2020-4214, CVE-2020-4206, CVE-2020-4241, CVE-2020-4242)

Summary IBM Spectrum Protect Plus is vulnerable to authentication bypass, arbitrary directory deletion, and command injection which allows a remote attacker to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2020-4208 DESCRIPTION: IBM Spectrum Protect Plus contains hard-cod...

IBM Spectrum Protect Plus Authentication Bypass Vulnerability

IBM Spectrum Protect Plus is a suite of data protection platforms from IBM USA. The platform provides organizations with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. A security vulnerability exists in IBM...

CVE-2020-4208

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174975...

CVE-2020-4208

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174975...

Hardcoded credentials

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174975...

CVE-2020-4208

CVE-2020-4208 affects IBM Spectrum Protect Plus 10.1.0–10.1.5, where hard-coded credentials are used for inbound authentication, outbound communication, or internal data encryption. The root cause is hard-coded credentials in the product, leading to exposure of authentication and potential unauth...

CVE-2020-4208

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174975...

IBM Spectrum Protect Plus serveradmin Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of IBM Spectrum Protect Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Administrative Console Framework service. The service uses a hard-coded...

CVE-2020-1764

A hard-coded cryptographic key vulnerability in the default configuration file was found in Kiali, all versions prior to 1.15.1. A remote attacker could abuse this flaw by creating their own JWT signed tokens and bypass Kiali authentication mechanisms, possibly gaining privileges to view and alte...

CVE-2020-1764

CVE-2020-1764 concerns a hard-coded cryptographic key in Kiali’s default config, affecting all versions

TP-Link Archer Code Execution Vulnerability

The TP-Link Archer A7 AC1750 is a wireless router from China P&L TP-Link. A security vulnerability exists in the tdpServer service in the TP-Link Archer A7 using firmware version 190726 AC1750, which stems from the program's use of hard-coded encryption keys. An attacker could exploit the...

Kiali Trust Management Issues Vulnerabilities

Kiali is an open source, visual management tool for the Istio microservices architecture. A trust management issue vulnerability exists in the default configuration file in versions of Kiali prior to 1.15.1. The vulnerability stems from the fact that the file comes with a hard-coded encryption ke...

CVE-2020-10884

This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP...

CVE-2020-10884

This CVE concerns TP-Link Archer A7 AC1750 routers running firmware 190726. Affected component is the tdpServer daemon, which listens on UDP port 20002; the issue stems from a hard-coded encryption key, enabling network-adjacent attackers to execute arbitrary code with root privileges in vulnerab...

CVE-2020-10884

This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP...

(Pwn2Own) TP-Link Archer A7 tdpServer Use of Hard-coded Cryptographic Key Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by defaul...

The vulnerability of the CommandLineService component of the Foglight Evolve platform, which stems from the use of hard-coded user credentials “__service__ user”, allows attackers to execute arbitrary code.

The vulnerability of the CommandLineService component of the Foglight Evolve platform is related to the use of hard-coded user credentials “service user”. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

PT-2020-2707 · Istio · Kiali

Name of the Vulnerable Software and Affected Versions: Kiali versions prior to 1.15.1 Description: The issue is related to a hard-coded cryptographic key in the default configuration file of Kiali, which is part of the Istio service mesh. This flaw can be exploited by a remote attacker to create...

CVE-2020-6979

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryptographic key, increasing the possibility that confidential data can be recovered...

CVE-2020-6979

CVE-2020-6979 affects Moxa EDS-G516E (and EDS-510E per advisories) with firmware version 5.2 or lower, where a hard-coded cryptographic key is used, increasing the risk that confidential data can be recovered. Affected components are the cryptographic handling paths implementing the hard-coded ke...