Lucene search
K

3041 matches found

Prion
Prion
added 2023/08/09 7:15 a.m.38 views

Hardcoded credentials

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password...

3.3CVSS5.1AI score0.00339EPSS
Exploits0References1Affected Software6
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.4 views

PT-2023-4529 · Phoenix Contact · Phoenix Contact Wp 6Xxx Series Web Panels

Name of the Vulnerable Software and Affected Versions: PHOENIX CONTACT WP 6xxx series web panels versions prior to 4.0.10 Description: The issue is related to the use of hardcoded credentials in the web panels for managing and monitoring processes in industrial systems. An authenticated, remote...

7.2CVSS6.9AI score0.00441EPSS
Exploits0References7
Prion
Prion
added 2023/07/27 9:15 p.m.15 views

Hardcoded credentials

TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password PIN: 385521, 843646, and 592671...

7.5CVSS9.4AI score0.00828EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/07/26 8:15 a.m.17 views

Hardcoded credentials

Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions...

5CVSS7.5AI score0.0299EPSS
Exploits0References2Affected Software11
Prion
Prion
added 2023/07/24 2:15 p.m.16 views

Hardcoded credentials

An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the templateName parameter in order to include malicious code, which is then downloaded as a .csv or .xlsx file and executed on a victim machine. Here, the...

6.5CVSS8.5AI score0.00859EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/07/21 4:15 a.m.20 views

Hardcoded credentials

Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 through...

7.5CVSS9.4AI score0.00347EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/07/19 4:15 p.m.13 views

Hardcoded credentials

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. See the following Jenkins security advisory for details:...

4CVSS6.3AI score0.0083EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/07/19 4:15 p.m.16 views

Hardcoded credentials

A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for details:...

4CVSS6.3AI score0.00625EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/07/15 7:15 p.m.20 views

Hardcoded credentials

Plane version 0.7.1-dev allows an attacker to change the avatar of his profile, which allows uploading files with HTML extension that interprets both HTML and JavaScript...

4.9CVSS4.8AI score0.00458EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/07/13 2:15 a.m.23 views

Hardcoded credentials

SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm TEA with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

7.5CVSS9.3AI score0.0026EPSS
Exploits0References2Affected Software2
NVD
NVD
added 2023/07/13 1:15 a.m.15 views

CVE-2023-34128

Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

9.8CVSS0.00591EPSS
Exploits0References2
OSV
OSV
added 2023/07/13 1:15 a.m.5 views

CVE-2023-34128

Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

9.8CVSS5.8AI score0.00591EPSS
Exploits0References2
Prion
Prion
added 2023/07/13 1:15 a.m.21 views

Hardcoded credentials

Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

7.5CVSS9.4AI score0.00591EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/07/13 12:58 a.m.11 views

CVE-2023-34128

Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

7.2AI score0.00591EPSS
Exploits0References2
CVE
CVE
added 2023/07/13 12:58 a.m.162 views

CVE-2023-34128

The CVE maps to SonicWall GMS and Analytics where Tomcat credentials are hardcoded in the GMS/Analytics configuration file. Affected versions are SonicWall GMS 9.3.2-SP1 and earlier, and Analytics 2.5.0.4-R7 and earlier. Root cause: hardcoded Tomcat credentials in the configuration file, which ca...

9.8CVSS9.4AI score0.00591EPSS
In wildExploits0References2Affected Software2
CNNVD
CNNVD
added 2023/07/13 12:0 a.m.4 views

SonicWALL Analytics和GMS 安全漏洞

SonicWALL Analytics and SonicWALL GMS are both products of SonicWALL, Inc. of the U.S. SonicWALL Analytics is a high-performance management and reporting engine for the Web.SonicWALL GMS is a global management system. A powerful and intuitive solution for organizations, distributed enterprises an...

9.8CVSS8.3AI score0.00591EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/12 12:0 a.m.4 views

PT-2023-5755 · Sonicwall +1 · Sonicwall Gms +2

Name of the Vulnerable Software and Affected Versions: SonicWall GMS versions 9.3.2-SP1 and earlier SonicWall Analytics versions 2.5.0.4-R7 and earlier Description: The issue is related to hardcoded Tomcat application credentials in the SonicWall GMS and Analytics configuration file. This could...

9.8CVSS9.1AI score0.00591EPSS
Exploits0References7
Prion
Prion
added 2023/07/11 7:15 p.m.23 views

Hardcoded credentials

Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based on the ExtJS framework. An admin who has not setup two factor authentication before is vulnerable for this attack, without need for any form of privilege, causing the application to execute arbitrary scripts/HTML content. This...

5.8CVSS6.6AI score0.00535EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/07/10 2:15 a.m.18 views

Hardcoded credentials

SmartBPM.NET has a vulnerability of using hard-coded authentication key. An unauthenticated remote attacker can exploit this vulnerability to access system with regular user privilege to read application data, and execute submission and approval processes...

6.4CVSS9.3AI score0.00716EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/07/05 8:15 p.m.20 views

Hardcoded credentials

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges...

4.3CVSS7.7AI score0.00271EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder