Hardcoded credentials

IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Interconnect Fabric before 7.8.6.0; 1G L2-7 SLB switch for Bladecenter before 21.0.21.0; 10G VFSM fo...

CVE-2014-4752

IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Interconnect Fabric before 7.8.6.0; 1G L2-7 SLB switch for Bladecenter before 21.0.21.0; 10G VFSM fo...

CVE-2014-4752

CVE-2014-4752 affects IBM System Networking Switches and related components with hardcoded, non-changeable credentials in firmware, enabling remote access via unspecified attack vectors. Affected products include IBM Flex System Fabric EN4093/EN4093R 10Gb switches (<7.8.6.0), CN4093, SI4093, E...

Hardcoded credentials

The Vault-Hide SMS, Pics & Videos aka com.netqin.ps application 5.0.14.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Hardcoded credentials

The web interface in Schrack Technik microControl with firmware before 1.7.0 937 has a hardcoded password of not for the "user" account, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-0326

The Pilot Below Deck Equipment BDE and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface...

CVE-2014-0326

The Pilot Below Deck Equipment BDE and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface...

CVE-2014-0326

CVE-2014-0326 affects Iridium Pilot BDE (Below Deck Equipment) and OpenPort devices, where the web interface exposes hardcoded administrator credentials. The root cause is hardcoded credentials (CWE-798) and an insecure protocol that allows unauthenticated remote access to privileged functions (C...

CVE-2014-2941

Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials...

CVE-2014-2940

Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have hardcoded credentials for the administrator account, which allows attackers to obtain administrative control by leveraging physical access or terminal access...

Hardcoded credentials

Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the 1 debug, 2 prod, 3 do160, and 4 flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line...

Hardcoded credentials

Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials...

Hardcoded credentials

Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have hardcoded credentials for the administrator account, which allows attackers to obtain administrative control by leveraging physical access or terminal access...

CVE-2014-2941

Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials...

CVE-2014-2941

Cobham Sailor 6000 satellite terminals are affected by a hardcoded Tbus 2 credential issue. An unauthenticated attacker could send arbitrary TBUS2 commands, potentially impacting terminal operation. The vendor statement disputes credential reuse across users and notes security enhancements in a l...

CVE-2014-2940

CVE-2014-2940 affects Cobham Sailor 900 and 6000 satellite terminals running firmware 1.08 MFHF / 2.11 VHF, where hardcoded administrator credentials are present. The NVD entry notes that an attacker could obtain full administrative control, with exploitation requiring either physical access to t...

PT-2014-4971 · Cobham · Cobham Sailor 6000

Name of the Vulnerable Software and Affected Versions: Cobham Sailor 6000 satellite terminals affected versions not specified Description: The issue concerns hardcoded Tbus 2 credentials in Cobham Sailor 6000 satellite terminals. This allows remote attackers to obtain access via a TBUS2 command...

CVE-2013-5433

The CVE-2013-5433 issue concerns the Data Growth Solution for JD Edwards EnterpriseOne used with IBM InfoSphere Optim 3.0–9.1, where hardcoded database credentials are stored within the solution. This allows remote authenticated users to disclose sensitive information by reading an unspecified fi...

CVE-2013-5433

The Data Growth Solution for JD Edwards EnterpriseOne in IBM InfoSphere Optim 3.0 through 9.1 has hardcoded database credentials, which allows remote authenticated users to obtain sensitive information by reading an unspecified field in an XML document...

Cobham Sailor satellite terminals contain hardcoded credentials

Overview Cobham Sailor 900 and 6000 series satellite terminals contain hardcoded credentials. Description CWE-798: Use of Hard-coded Credentials IOActive reports that Cobham Sailor 900 and 6000 series satellite communication terminals running firmware version: 1.08 MFHF / 2.11 VHF contain hardcod...