8066 matches found

ThreatPost
added 2020/02/20 5:29 p.m., 89 views

Critical Cisco Bug Opens Software Licencing Manager to Remote Attack

A critical flaw in the High Availability (HA) service of Cisco Smart Software Manager On-Prem Base has been uncovered, which would open the door to remote attackers thanks to its use of a static, default password, even if the platform isn’t directly connected to the internet. Cisco Smart Software...

CVSS 8.8 | AI score 0.8 | EPSS 0.0552
Exploits 1 | References 11

ICS
added 2020/02/20 12:0 a.m., 191 views

Auto-Maskin RP210E, DCU210E, and Marine Observer Pro (Android App)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Auto-Maskin Equipment: RP 210E Remote Panels, DCU 210E Control Units, and Marine Observer Pro Android App Vulnerabilities: Cleartext Transmission of Sensitive Information, Origin Validation Error,...

CVSS 10 | AI score 8.7 | EPSS 0.02095
Exploits 0 | References 5

OSV
added 2020/02/14 10:15 p.m., 3 views

CVE-2019-4392

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system...

CVSS 9.8 | AI score 7.3
Exploits 0 | References 1

NVD
added 2020/02/14 10:15 p.m., 24 views

CVE-2019-4392

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system...

CVSS 10 | AI score 9.4 | EPSS 0.01387
Exploits 0 | References 1

Prion
added 2020/02/14 10:15 p.m., 15 views

Hardcoded credentials

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system...

CVSS 10 | AI score 9.3 | EPSS 0.01387
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2020/02/14 9:10 p.m., 16 views

CVE-2019-4392

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system...

AI score 9.4 | EPSS 0.01387
Exploits 0 | References 1

CNVD
added 2020/02/14 12:0 a.m., 2 views

Opencast Trust Management Issues Vulnerabilities

Opencast is a free and open source video management solution that is scalable, customizable and low cost. A trust management issue vulnerability exists in Opencast versions prior to 7.6 and prior to 8.1. The vulnerability stems from the lack of an effective trust management mechanism in a network...

CVSS 8.8 | AI score 6.8 | EPSS 0.00939
Exploits 0 | References 1

NVD
added 2020/02/12 4:15 p.m., 32 views

CVE-2013-6236

IZON IP 2.0.2: hard-coded password vulnerability...

CVSS 10 | AI score 9.6 | EPSS 0.10207
Exploits 6 | References 3

Cvelist
added 2020/02/12 3:46 p.m., 34 views

CVE-2013-6236

IZON IP 2.0.2: hard-coded password vulnerability...

AI score 9.6 | EPSS 0.10207
Exploits 6 | References 3

CVE
added 2020/02/12 3:46 p.m., 60 views

CVE-2013-6236

CVE-2013-6236 affects Stem Innovation IZON IP cameras (Firmware 2.0.2). The vulnerability arises from hard-coded credentials in the device’s Linux distribution and hidden web application, enabling unauthenticated access to the camera via Telnet/HTTP and exposing streams and configuration data. Po...

CVSS 10 | AI score 9.4 | EPSS 0.10207
Exploits 6 | References 3 | Affected Software 1

OSV
added 2020/02/04 5:15 p.m., 2 views

CVE-2019-4675

IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 171511...

CVSS 9.8 | AI score 6.8 | EPSS 0.0128
Exploits 0 | References 2

NVD
added 2020/02/04 5:15 p.m., 19 views

CVE-2019-4675

IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 171511...

CVSS 9.8 | AI score 7.2 | EPSS 0.0128
Exploits 0 | References 2

CVE
added 2020/02/04 4:45 p.m., 37 views

CVE-2019-4675

CVE-2019-4675 affects IBM Security Identity Manager 7.0.1, where the component contains hard-coded credentials used for its own inbound authentication, outbound communication to external components, or encryption of internal data. The root cause is the presence of embedded credentials in ISIM ver...

CVSS 9.8 | AI score 9 | EPSS 0.0128
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2020/02/04 4:45 p.m., 19 views

CVE-2019-4675

IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 171511...

CVSS 6.8 | AI score 9 | EPSS 0.0128
Exploits 0 | References 2

OpenVAS
added 2020/02/04 12:0 a.m., 43 views

Opencast < 7.6.0 and 8.0.0 Multiple Vulnerabilities

Opencast is prone to multiple vulnerabilities. Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 10 | AI score 7.2 | EPSS 0.01293
Exploits 1 | References 5

IBM Security Bulletins
added 2020/02/03 6:50 p.m., 129 views

Security Bulletin: IBM Security Identity Manager Virtual Appliance is affected by multiple vulnerabilities (CVE-2019-4674, CVE-2018-15473, CVE-2019-4675)

Summary: IBM Security Identity Manager Virtual Appliance (ISIM VA) has addressed the following vulnerabilities due to a remote attacker, user enumeration vulnerability, and hard-coded credentials. Vulnerability Details: CVEID: CVE-2019-4674 DESCRIPTION: IBM Security Identity Manager could allow a...

CVSS 9.8 | AI score 1.8 | EPSS 0.98631
Exploits 23 | Affected Software 1

Veracode
added 2020/01/31 9:23 a.m., 17 views

Hard-Coded Remember-Me Cookie

Opencast uses a hard-coded remember-me cookie. The remember-me cookie is created by hashing the username, password, and an additional system key, allowing anyone with access to the remember-me token for one server to compromise all servers using the same credentials...

CVSS 8.8 | AI score 3.5 | EPSS 0.00939
Exploits 0 | References 2 | Affected Software 1

Github Security Blog
added 2020/01/30 9:21 p.m., 65 views

Hard-Coded Key Used For Remember-me Token in Opencast

Impact The security configuration in etc/security/mhdefaultorg.xml enables a remember-me cookie based on a hash created from the username, password, and an additional system key. Opencast has hard-coded this system key in the large XML file and never mentions to change this, basically ensuring th...

CVSS 8.8 | AI score 0.6 | EPSS 0.00939
Exploits 0 | References 4 | Affected Software 1

Cvelist
added 2020/01/30 8:50 p.m., 23 views

CVE-2020-5222 Hard-Coded Key Used For Remember-me Token in OpenCast

Opencast before 7.6 and 8.1 enables a remember-me cookie based on a hash created from the username, password, and an additional system key. This means that an attacker getting access to a remember-me token for one server can get access to all servers which allow log-in using the same credentials...

CVSS 6.8 | AI score 8.5 | EPSS 0.00939
Exploits 0 | References 2

NVD
added 2020/01/29 7:15 p.m., 29 views

CVE-2013-2572

A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files...

CVSS 7.5 | AI score 7.4 | EPSS 0.16432
Exploits 6 | References 5