Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2024-49060 | Azure Stack HCI Elevation of Privilege Vulnerability | 8.8 |
| 2024-11-13 | CVE-2024-7295 | Use of Hard-coded Credentials vulnerability in Progress Telerik Report Server In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information. | 6.2 |
| 2024-11-04 | CVE-2024-10748 | Use of Hard-coded Credentials vulnerability in Cosmote What'S UP 4.47.3 A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. | 4.7 |
| 2024-11-01 | CVE-2024-51431 | Use of Hard-coded Credentials vulnerability in Lb-Link Bl-Wr1300H Firmware 1.0.4 LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily guessable. | 9.8 |
| 2024-10-30 | CVE-2024-28875 | Use of Hard-coded Credentials vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. | 8.1 |
| 2024-10-30 | CVE-2024-31151 | Use of Hard-coded Credentials vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. | 9.8 |
| 2024-10-29 | CVE-2024-45656 | IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP. | 9.8 |
| 2024-10-23 | CVE-2024-20412 | Use of Hard-coded Credentials vulnerability in Cisco Firepower Threat Defense A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. | 8.4 |
| 2024-10-23 | CVE-2024-5764 | Use of Hard-coded Credentials vulnerability in Sonatype Nexus Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). | 6.5 |
| 2024-10-18 | CVE-2024-4740 | Use of Hard-coded Credentials vulnerability in Moxa Mxsecurity 1.0/1.0.1 MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. | 7.5 |