Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-22 | CVE-2017-2720 | Use of Hard-coded Credentials vulnerability in Huawei Fusionsphere Openstack V100R006C00 FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. | 5.3 |
| 2017-11-16 | CVE-2017-11026 | Use of Hard-coded Credentials vulnerability in Google Android In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing FRP partition using reference FRP unlock, authentication method can be compromised for static keys. | 7.8 |
| 2017-11-16 | CVE-2017-12350 | Use of Hard-coded Credentials vulnerability in Cisco Umbrella Insights Virtual Appliance A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. | 8.2 |
| 2017-11-01 | CVE-2017-14027 | Use of Hard-coded Credentials vulnerability in Korenix products A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. | 9.8 |
| 2017-11-01 | CVE-2017-14021 | Use of Hard-coded Credentials vulnerability in Korenix products A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. | 9.8 |
| 2017-11-01 | CVE-2017-14376 | Use of Hard-coded Credentials vulnerability in EMC Appsync EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system. | 7.8 |
| 2017-10-27 | CVE-2017-15582 | Use of Hard-coded Credentials vulnerability in Writediary Diary With Lock 4.72 In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries. | 7.5 |
| 2017-10-26 | CVE-2017-15909 | Use of Hard-coded Credentials vulnerability in Dlink Dgs-1500 Firmware 2.10.002/2.50.008/2.51.005 D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access. | 9.8 |
| 2017-10-22 | CVE-2017-12317 | Use of Hard-coded Credentials vulnerability in Cisco Advanced Malware Protection The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. | 6.7 |
| 2017-10-13 | CVE-2017-10616 | Use of Hard-coded Credentials vulnerability in Juniper Contrail The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. | 5.3 |