Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/03/19 1:16 p.m.7 views

CVE-2024-54027

A Use of Hard-coded Cryptographic Key vulnerability CWE-321 in FortiSandbox version 4.4.6 and below, version 4.2.7 and below, version 4.0.5 and below, version 3.2.4 and below, version 3.1.5 and below, version 3.0.7 to 3.0.5 may allow a privileged attacker with super-admin profile and CLI access t...

8.2CVSS6.6AI score0.00148EPSS
Exploits0References1
CVE
CVE
added 2025/03/17 1:5 p.m.59 views

CVE-2024-54027

CVE-2024-54027 describes a Use of Hard-coded Cryptographic Key (CWE-321) in Fortinet FortiSandbox. Affected versions include 4.4.6 and below, 4.2.7 and below, 4.0.5 and below, 3.2.4 and below, 3.1.5 and below, and 3.0.7 to 3.0.5. A privileged attacker with a super-admin profile and CLI access can...

8.2CVSS6.6AI score0.00148EPSS
Exploits0References1Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2023/03/21 6:54 p.m.75 views

CVE-2023-0391: MGT-COMMERCE CloudPanel Shared Certificate Vulnerability and Weak Installation Procedures

While using the popular self-hosted web administration solution, CloudPanel from MGT-COMMERCE, Rapid7 researcher Tod Beardsley discovered three security concerns. The first, an issue involving the trustworthiness of the installation script provided by the vendor, was an instance of CWE-494:...

7.8AI score0.00599EPSS
Exploits1
ICS
ICS
added 2022/12/05 7:0 a.m.262 views

Mitsubishi Electric FA Engineering Software (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GX Works3, MX OPC UA Module Configurator-R Vulnerabilities: Cleartext Storage of Sensitive Information, Use of Hard-coded Password, Insufficiently Protected Credentials,...

9.1CVSS8.7AI score0.0129EPSS
Exploits0References11
ICS
ICS
added 2022/02/01 12:0 a.m.50 views

Advantech ADAM-3600

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: ADAM-3600 Vulnerability: Use of Hard-coded Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized access to intercept traffic...

9.8CVSS9.9AI score0.01211EPSS
Exploits0References5
NVD
NVD
added 2021/12/16 7:15 p.m.16 views

CVE-2021-41028

A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...

8.2CVSS0.00213EPSS
Exploits0References1
CVE
CVE
added 2021/12/16 6:13 p.m.72 views

CVE-2021-41028

CVE-2021-41028 affects Fortinet FortiClient EMS up to 7.0.1 (and 6.4.6 and below) and FortiClient components for Windows, Linux, and macOS up to 7.0.1 and 6.4.6 and below. The root causes are a hard-coded cryptographic key in FortiClientEMS and improper certificate validation in FortiClient clien...

8.2CVSS7.4AI score0.00213EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2017/11/01 2:0 a.m.67 views

CVE-2017-14021

CVE-2017-14021 applies to Korenix JetNet devices (JetNet5018G 1.4, JetNet5310G 1.4a, JetNet5428G-2G-2FX 1.4, JetNet5628G-R 1.4, JetNet5628G 1.4, JetNet5728G-24P 1.4, JetNet5828G 1.1d, JetNet6710G-HVDC 1.1e, JetNet6710G 1.1). It involves a Use of Hard-coded Cryptographic Key CWE-321, enabling acce...

10CVSS9.3AI score0.01923EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder