Vulnerabilities > CVE-2014-2363 - Hardcoded Credentials Security Bypass vulnerability in Morpho Itemiser 3 8.17

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

morpho

critical

NVD

Published: 2014-07-26

Updated: 2014-07-28

Summary

Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which makes it easier for remote attackers to obtain access via a login request. <a href="http://cwe.mitre.org/data/definitions/798.html" target="_blank">CWE-798: Use of Hard-coded Credentials</a>

Vulnerable Configurations

Part	Description	Count
Hardware	Morpho Morpho Itemiser 3 8.17	1

References

http://ics-cert.us-cert.gov/advisories/ICSA-14-205-01