3023 matches found
Schneider Electric EcoStruxure IT Gateway Trust Management Issue Vulnerability
Schneider Electric EcoStruxure IT Gateway is a suite of cloud-based Data Center Management-as-a-Service DMaaS products from Schneider Electric, France. A trust management issue vulnerability exists in Schneider Electric EcoStruxure IT Gateway version 1.20.x and prior versions, which stems from th...
CVE-2024-2420
LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements...
CVE-2024-2420
LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements...
CVE-2024-2420 LenelS2 NetBox Hardcoded Credentials
LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements...
CVE-2024-2420
Summary: CVE-2024-2420 affects LenelS2 NetBox access control and event monitoring system. A hard-coded credential vulnerability in versions prior to and including 5.6.1 allows an attacker to bypass authentication. Affected product/versions are LenelS2 NetBox
CVE-2024-2420 LenelS2 NetBox Hardcoded Credentials
LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements...
CVE-2024-36049
Aptos Wisal Payroll Accounting prior to version 7.1.6 is affected by a vulnerability where the Windows client uses hardcoded credentials to fetch the full list of usernames and passwords from the database over an unencrypted connection. This enables a machine-in-the-middle attacker to read and wr...
CVE-2024-36049
Aptos Wisal payroll accounting before 7.1.6 uses hardcoded credentials in the Windows client to fetch the complete list of usernames and passwords from the database server, using an unencrypted connection. This allows attackers in a machine-in-the-middle position read and write access to personal...
CVE-2024-36049
Aptos Wisal payroll accounting before 7.1.6 uses hardcoded credentials in the Windows client to fetch the complete list of usernames and passwords from the database server, using an unencrypted connection. This allows attackers in a machine-in-the-middle position read and write access to personal...
PT-2024-26862 · Aptos +1 · Aptos Wisal Payroll Accounting +1
Name of the Vulnerable Software and Affected Versions: Aptos Wisal payroll accounting versions prior to 7.1.6 Description: The issue allows attackers in a machine-in-the-middle position to gain read and write access to personally identifiable information PII and payroll data. It also enables them...
WordPress Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.22.6 - Hardcoded Credentials vulnerability
Hardcoded Credentials vulnerability discovered by Lucio Sá in WordPress Plugin Atarim versions = 3.22.6...
CVE-2024-2038
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 3.22.6. This is due to the use of hardcoded credentials to authenticate all the incoming API requests. This makes it possible fo...
CVE-2024-2038
CVE-2024-2038 affects the Visual Website Collaboration, Feedback & Project Management – Atarim WordPress plugin. The vulnerability arises from hardcoded credentials used to authenticate all incoming API requests, enabling unauthorized access. Exploitation allows unauthenticated attackers to modif...
CVE-2024-2038 Visual Website Collaboration, Feedback & Project Management – Atarim <= 3.22.6 - Hardcoded Credentials
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 3.22.6. This is due to the use of hardcoded credentials to authenticate all the incoming API requests. This makes it possible fo...
CVE-2024-2038 Visual Website Collaboration, Feedback & Project Management – Atarim <= 3.22.6 - Hardcoded Credentials
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 3.22.6. This is due to the use of hardcoded credentials to authenticate all the incoming API requests. This makes it possible fo...
PT-2024-18654 · WordPress · Atarim
Name of the Vulnerable Software and Affected Versions: The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress versions up to, and including, 3.22.6 Description: The issue is due to the use of hardcoded credentials to authenticate all incoming API requests...
CVE-2024-4844
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator ePO on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...
CVE-2024-4844
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator ePO on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...
CVE-2024-4844
CVE-2024-4844 concerns Trellix ePolicy Orchestrator (ePO) on Premise prior to 5.10 Service Pack 1 Update 2. The issue is a hardcoded credential in the keystore, allowing an attacker with admin privileges on the ePO server to read the orion.keystore contents and access the ePO database encryption ...
PT-2024-33110 · Trellix · Trellix Epolicy Orchestrator
Name of the Vulnerable Software and Affected Versions: Trellix ePolicy Orchestrator ePO on Premise versions prior to 5.10 Service Pack 1 Update 2 Description: A hardcoded credentials issue allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file,...