Vulnerabilities > CVE-2015-6032 - Credentials Management vulnerability in Qolsys IQ Panel

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

qolsys

CWE-255

critical

NVD

Published: 2015-10-31

Updated: 2015-11-02

Summary

Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote attackers to create digital signatures for code by leveraging knowledge of a key from a different installation.

Vulnerable Configurations

Part	Description	Count
Application	Qolsys Qolsys IQ Panel *	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://www.kb.cert.org/vuls/id/573848