Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2019-4689)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4689 advisory. - tcp: enforce tcpminsndmss in tcpmtuprobing Eric Dumazet Orabug: 29886601 CVE-2019-11477 - tcp: add tcpminsndmss sysctl Eric Dumazet Orabug:...

WAGO Industrial Managed Switches 852-303, 852-1305 and 852-1505 Trust Management Issue Vulnerability (CNVD-2020-36950)

WAGO Industrial Managed Switches 852-303 and so on are a kind of industrial managed switches from Germany WAGO company. A trust management issue vulnerability exists in the WAGO Industrial Managed Switches 852-303 prior to version 1.2.2.S0, 852-1305 prior to version 1.1.6.S0, and 852-1505 prior t...

Polycom RealPresence Debut Information Disclosure Vulnerability

Polycom RealPresence Debut is an enterprise-grade small video conferencing solution from Polycom, Inc. A vulnerability with trust management issues exists in versions prior to Polycom RealPresence Debut 1.3.0-66872. The vulnerability stems from the lack of an effective trust management mechanism ...

SAP Solution Manager Trust Management Issue Vulnerability

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

WAGO Industrial Managed Switches 852-303, 852-1305 and 852-1505 Trust Management Issue Vulnerability

WAGO Industrial Managed Switches 852-303 and so on are a kind of industrial managed switches from Germany WAGO company. A trust management issue exists in the WAGO Industrial Managed Switches 852-303 before 1.2.2.S0, 852-1305 before 1.1.6.S0, and 852-1505 before 1.1.5.S0, which can be exploited t...

WAGO Industrial Managed Switches 852-303, 852-1305, and 852-1505

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : WAGO Equipment : Industrial Managed Switches 852-303, 852-1305, and 852-1505 Vulnerabilities : Use of Hard-coded Credentials, Use of Hard-coded Cryptographic Key, Using Components with Known...

CloudBees Jenkins ElectricFlow Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . ElectricFlow Plugin is used in one of the...

CloudBees Jenkins JX Resources Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . JX Resources Plugin is used in one of the...

Optergy Proton/Enterprise Trust Management Issue Vulnerability

Optergy Proton/Enterprise is an enterprise building management system from Optergy USA. A vulnerability with trust management issues exists in Optergy Proton/Enterprise 2.3.0a and prior versions. The vulnerability stems from the lack of an effective trust management mechanism in a networked syste...

Moxa AWK-3121 Trust Management Issues Vulnerability

Moxa AWK-3121 is an industrial-grade wireless access point from Moxa Taiwan, China. A trust management issue vulnerability exists in the Moxa AWK-3121 version 1.14, which can be exploited by an attacker to attack the affected component with a default password or hard-coded passwords and hard-code...

CVE-2019-12776

An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044update05032019-482. They include a hard-coded SSH backdoor for remote SSH and SCP access as the root user. A command in the relocate and relocaterevB scripts copies the hardcoded key to...

CVE-2019-4220

IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive information. IBM X-Force ID: 159229...

Hardcoded credentials

IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive information. IBM X-Force ID: 159229...

HPE Intelligent Management Center (IMC) Remote Credential Disclosure Vulnerability

HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A Standard ImcLoginMgrImpl hard-coded encryption key credential disclosure vulnerability exists in HPE...

Optergy Proton Enterprise Building Management System

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Optergy Equipment: Proton/Enterprise Building Management System Vulnerabilities: Information Exposure, Cross-site Request Forgery, Unrestricted Upload of File with Dangerous Type, Open Redirect,...

PT-2019-16975 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7.1.0 Description: The issue concerns a hard-coded encryption key stored in the software, which could potentially be used to decrypt sensitive information. Recommendations: For IBM InfoSphere...

CVE-2019-7672

Prima Systems FlexAir, Versions 2.3.38 and prior. The flash version of the web interface contains a hard-coded username and password, which may allow an authenticated attacker to escalate privileges...

Hardcoded credentials

Prima Systems FlexAir, Versions 2.3.38 and prior. The flash version of the web interface contains a hard-coded username and password, which may allow an authenticated attacker to escalate privileges...

CVE-2019-7672

Prima Systems FlexAir, Versions 2.3.38 and prior. The flash version of the web interface contains a hard-coded username and password, which may allow an authenticated attacker to escalate privileges...

CVE-2019-7672

Prima Systems FlexAir, Versions 2.3.38 and prior. The flash version of the web interface contains a hard-coded username and password, which may allow an authenticated attacker to escalate privileges...