Vulnerabilities > Insecure Default Initialization of Resource

DATE CVE VULNERABILITY TITLE RISK
2017-07-25 CVE-2017-6750 Insecure Default Initialization of Resource vulnerability in Cisco products
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials Vulnerability.
network
low complexity
cisco CWE-1188
7.5
2017-06-13 CVE-2017-6692 Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Element Manager 21.0.V0.65839
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user, aka an Insecure Default Account Information Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-6689 Insecure Default Initialization of Resource vulnerability in Cisco Elastic Services Controller 2.2(9.76)
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the admin user, aka an Insecure Default Administrator Credentials Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-6688 Insecure Default Initialization of Resource vulnerability in Cisco Elastic Services Controller 2.2(9.76)
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-6687 Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Element Manager 21.0.0
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-6686 Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Element Manager 21.0.0
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device, aka an Insecure Default Credentials Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-6685 Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Staging Server 21.0.0
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device, aka an Insecure Default Credentials Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-6684 Insecure Default Initialization of Resource vulnerability in Cisco Elastic Services Controller 21.0.0
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user, aka an Insecure Default Credentials Vulnerability.
network
low complexity
cisco CWE-1188
8.8
2017-06-13 CVE-2017-4971 Insecure Default Initialization of Resource vulnerability in Pivotal Spring web Flow
An issue was discovered in Pivotal Spring Web Flow through 2.4.4.
network
high complexity
pivotal CWE-1188
5.9
2017-05-21 CVE-2017-9137 Insecure Default Initialization of Resource vulnerability in Ceragon Fiberair Ip-10 Firmware
Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the mateidu account (a hidden user account established by the vendor).
network
low complexity
ceragon CWE-1188
7.3