CVE-2014-4010

The vulnerability CVE-2014-4010 affects SAP Transaction Data Pool, which contains hardcoded credentials. The root cause is hardcoded credentials enabling remote attackers to obtain access via unspecified vectors. The NVD entry assigns a CVSS v2 base score of 5.0 (Medium) with Network attack vecto...

CVE-2014-4006

The CVE-2014-4006 entry concerns the SAP Trader’s and Scheduler’s Workbench (TSW) for SAP Oil & Gas, where hardcoded credentials are present. This flaw can enable remote access for an attacker via unspecified vectors. The vulnerability is documented in multiple sources (NVD entry and related reco...

CVE-2014-4011

SAP Capacity Leveling has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4005

The CVE-2014-4005 entry concerns a SAP Brazil add-on that contains hardcoded credentials. This vulnerability could allow remote attackers to obtain access via unspecified vectors. The available sources identify the issue and its impact but do not provide specific product versions, exploit details...

CVE-2014-4008

SAP Web Services Tool CA-WUI-WST has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-4009

CVE-2014-4009 affects SAP CCMS Monitoring (BC-CCM-MON), where hardcoded credentials enable remote attackers to obtain access via unspecified vectors. The connected sources confirm the issue but do not provide product versions, affected components beyond BC-CCM-MON, or explicit remediation steps i...

SAP NetWeaver - Hardcoded credentials

Application: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Hardcoded credentials Reported: 06.03.2014 Vendor response: 07.03.2014 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2059659 Authors: Rustem Gazizov, Diana Grigorieva ERPScan VULNERABILITY INFORMATION Class:...

SAP NetWeaver - Hardcoded Credentials

Application: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Hardcoded credentials Reported: 06.03.2014 Vendor response: 07.03.2014 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2057982 Authors: Rustem Gazizov, Diana Grigorieva ERPScan VULNERABILITY INFORMATION Class:...

Hardcoded credentials

The My Home implementation in the blockhtmlpluginfile function in blocks/html/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 does not properly restrict file access, which allows remote attackers to obtain sensitive information by visiting an HTML...

CVE-2014-2350

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program...

Hardcoded credentials

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program...

CVE-2014-2350 Emerson DeltaV Use of Hard-coded Credentials

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program...

CVE-2014-2350

Technical details for CVE-2014-2350 are not publicly available in the provided documents; monitor for updates.

PT-2014-1222 · Emerson · Emerson Deltav

Name of the Vulnerable Software and Affected Versions: Emerson DeltaV versions 10.3.1 through 12.3 Description: The issue is related to errors that occur when changing access control rules through the Telnet protocol, allowing an attacker to gain access to applications via Telnet to run commands ...

Seagate BlackArmor NAS - Multiple Vulnerabilities

Seagate BlackArmor NAS - Multiple Vulnerabilities Exploit Title: Seagate BlackArmor NAS Multiple Vulnerabilities Date: 2/17/14 Exploit Author: Shayan Sadigh twitter.com/r1pplex | Vendor Homepage: http://www.seagate.com/external-hard-drives/network-storage/ Version: All BlackArmor NAS devices...

Seagate BlackArmor NAS - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: Seagate BlackArmor NAS Multiple Vulnerabilities Date: 2/17/14 Exploit Author: Shayan Sadigh twitter.com/r1pplex | Vendor Homepage: http://www.seagate.com/external-hard-drives/network-storage/ Version: All BlackArmor NAS...

CVE-2014-2752

SAP Business Object Processing Framework BOPF for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

CVE-2014-2751

SAP Print and Output Management has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

Hardcoded credentials

SAP Print and Output Management has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...

Hardcoded credentials

SAP Business Object Processing Framework BOPF for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors...