Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-26 | CVE-2023-38433 | Use of Hard-coded Credentials vulnerability in Fujitsu products Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. | 7.5 |
| 2023-07-18 | CVE-2023-35763 | Use of Hard-coded Credentials vulnerability in Iagona Scrutisweb 2.1.37 Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that could allow an unauthenticated user to decrypt encrypted passwords into plaintext. | 5.5 |
| 2023-07-13 | CVE-2023-34123 | Use of Hard-coded Credentials vulnerability in Sonicwall Analytics and Global Management System Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. | 7.5 |
| 2023-07-05 | CVE-2023-36623 | Use of Hard-coded Credentials vulnerability in Loxone Miniserver GO GEN 2 Firmware 14.1.5.9 The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. | 7.8 |
| 2023-07-05 | CVE-2023-34338 | Use of Hard-coded Credentials vulnerability in AMI Megarac Sp-X 12/13 AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. | 9.8 |
| 2023-07-05 | CVE-2023-34473 | Use of Hard-coded Credentials vulnerability in AMI Megarac Sp-X 12/13 AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. | 8.8 |
| 2023-06-30 | CVE-2023-28387 | Use of Hard-coded Credentials vulnerability in Uzabase Newspicks 10.4.2/10.4.5 "NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service. | 5.5 |
| 2023-06-16 | CVE-2023-25187 | Use of Hard-coded Credentials vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 7.0 |
| 2023-06-14 | CVE-2023-3237 | Use of Hard-coded Credentials vulnerability in Otcms A vulnerability classified as critical was found in OTCMS up to 6.62. | 9.8 |
| 2023-06-13 | CVE-2023-2637 | Use of Hard-coded Credentials vulnerability in Rockwellautomation products Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to generate administrator cookies. Hard-coded cryptographic key may lead to privilege escalation. This vulnerability may allow a local, authenticated non-admin user to generate an invalid administrator cookie giving them administrative privileges to the FactoryTalk Policy Manger database. | 8.2 |