Vulnerabilities > Akkadianlabs
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-22 | CVE-2021-31579 | Use of Hard-coded Credentials vulnerability in Akkadianlabs OVA Appliance and Provisioning Manager Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser:haakkadianpassword. | 9.8 |
| 2021-07-22 | CVE-2021-31580 | OS Command Injection vulnerability in Akkadianlabs OVA Appliance and Provisioning Manager The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by switching the OpenSSH channel from `shell` to `exec` and providing the ssh client a single execution parameter. | 9.8 |
| 2021-07-22 | CVE-2021-31581 | Cleartext Storage of Sensitive Information vulnerability in Akkadianlabs OVA Appliance and Provisioning Manager The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. | 4.4 |
| 2021-07-01 | CVE-2020-27361 | Exposure of Resource to Wrong Sphere vulnerability in Akkadianlabs Akkadian Provisioning Manager 4.50.02 An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories. | 7.5 |
| 2021-07-01 | CVE-2020-27362 | Incorrect Authorization vulnerability in Akkadianlabs Akkadian Provisioning Manager 4.50.02 An issue exists within the SSH console of Akkadian Provisioning Manager 4.50.02 which allows a low-level privileged user to escape the web configuration file editor and escalate privileges. | 8.8 |