Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-16 | CVE-2023-33836 | Use of Hard-coded Credentials vulnerability in IBM Security Verify Governance 10.0/10.0.1 IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2023-10-11 | CVE-2023-45194 | Use of Hard-coded Credentials vulnerability in MRL products Use of default credentials vulnerability in MR-GM2 firmware Ver. | 4.3 |
| 2023-10-10 | CVE-2023-30801 | Use of Hard-coded Credentials vulnerability in Qbittorrent All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. | 9.8 |
| 2023-10-10 | CVE-2023-45226 | Use of Hard-coded Credentials vulnerability in F5 Big-Ip Next Service Proxy for Kubernetes 1.5.0 The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. | 7.4 |
| 2023-10-10 | CVE-2023-36380 | Use of Hard-coded Credentials vulnerability in Siemens Cp-8031 Firmware and Cp-8050 Firmware A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)). | 7.8 |
| 2023-10-05 | CVE-2023-2306 | Use of Hard-coded Credentials vulnerability in Qognify Nicevision 3.1 Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. | 9.1 |
| 2023-10-04 | CVE-2023-20101 | Use of Hard-coded Credentials vulnerability in Cisco Emergency Responder 12.5(1)Su4 A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. | 9.8 |
| 2023-10-03 | CVE-2022-47891 | Use of Hard-coded Credentials vulnerability in Riello-Ups Netman 204 Firmware All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery function. | 8.8 |
| 2023-09-30 | CVE-2023-5318 | Use of Hard-coded Credentials vulnerability in Microweber Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0. | 7.5 |
| 2023-09-27 | CVE-2023-41878 | Use of Hard-coded Credentials vulnerability in Metersphere MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing. | 9.8 |