Vulnerabilities > Insecure Default Initialization of Resource

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2017-6687 Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Element Manager 21.0.0
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-6686 Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Element Manager 21.0.0
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device, aka an Insecure Default Credentials Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-6685 Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Staging Server 21.0.0
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device, aka an Insecure Default Credentials Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-6684 Insecure Default Initialization of Resource vulnerability in Cisco Elastic Services Controller 21.0.0
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user, aka an Insecure Default Credentials Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-4971 Insecure Default Initialization of Resource vulnerability in Pivotal Spring web Flow
An issue was discovered in Pivotal Spring Web Flow through 2.4.4.
network
high complexity
pivotal CWE-1188
5.9
2017-05-21 CVE-2017-9137 Insecure Default Initialization of Resource vulnerability in Ceragon Fiberair Ip-10 Firmware
Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the mateidu account (a hidden user account established by the vendor).
network
low complexity
ceragon CWE-1188
7.3
2017-04-25 CVE-2017-8218 Insecure Default Initialization of Resource vulnerability in Tp-Link C20I Firmware and C2 Firmware
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password.
network
low complexity
tp-link CWE-1188
critical
9.8
2017-04-19 CVE-2017-7964 Insecure Default Initialization of Resource vulnerability in Zyxel Wre6505 Firmware V1.00(Aaqb.3)C0
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote attackers to conduct DNS hijacking attacks by reconfiguring the built-in dnshijacker process.
network
low complexity
zyxel CWE-1188
critical
10.0
2017-04-06 CVE-2017-3834 Insecure Default Initialization of Resource vulnerability in Cisco Aironet Access Point Firmware
A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running Cisco Mobility Express Software could allow an unauthenticated, remote attacker to take complete control of an affected device.
network
low complexity
cisco CWE-1188
critical
9.8
2017-03-08 CVE-2017-5178 Insecure Default Initialization of Resource vulnerability in Schneider-Electric products
An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior.
network
low complexity
schneider-electric CWE-1188
critical
9.8