Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-12 | CVE-2022-27172 | Use of Hard-coded Credentials vulnerability in Inhandnetworks Ir302 Firmware 3.5.37/3.5.4 A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. | 8.8 |
| 2022-05-11 | CVE-2021-38969 | Use of Hard-coded Credentials vulnerability in IBM Spectrum Virtualize 8.2.0.0/8.3.0.0/8.4.0.0 IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. | 9.8 |
| 2022-05-04 | CVE-2022-23724 | Use of Hard-coded Credentials vulnerability in Pingidentity Pingid Integration for Windows Login Use of static encryption key material allows forging an authentication token to other users within a tenant organization. | 8.1 |
| 2022-04-29 | CVE-2022-29856 | Use of Hard-coded Credentials vulnerability in Automationanywhere Automation 360 22 A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages. | 7.5 |
| 2022-04-27 | CVE-2021-34601 | Use of Hard-coded Credentials vulnerability in Bender Cc612 Firmware and Icc15Xx Firmware In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. | 9.8 |
| 2022-04-26 | CVE-2022-23942 | Use of Hard-coded Credentials vulnerability in Apache Doris Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure. | 7.5 |
| 2022-04-25 | CVE-2021-45841 | Use of Hard-coded Credentials vulnerability in Terra-Master TOS 4.2.152107141517 In Terramaster F4-210, F2-210 TOS 4.2.X (4.2.15-2107141517), an attacker can self-sign session cookies by knowing the target's MAC address and the user's password hash. | 8.1 |
| 2022-04-22 | CVE-2022-26672 | Use of Hard-coded Credentials vulnerability in Asus Webstorage 3.10.1 ASUS WebStorage has a hardcoded API Token in the APP source code. | 9.8 |
| 2022-04-21 | CVE-2022-20773 | Use of Hard-coded Credentials vulnerability in Cisco Umbrella A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. | 8.1 |
| 2022-04-20 | CVE-2022-24860 | Use of Hard-coded Credentials vulnerability in Databasir Project Databasir 1.0.1 Databasir is a team-oriented relational database model document management platform. | 9.8 |