Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-08 | CVE-2023-50948 | Use of Hard-coded Credentials vulnerability in IBM Storage Fusion HCI 2.1.0/2.6.1 IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2024-01-03 | CVE-2023-37608 | Use of Hard-coded Credentials vulnerability in Automaticsystems SOC Fl9600 Firstlane Firmware 06 An issue in Automatic Systems SOC FL9600 FastLine v.lego_T04E00 allows a remote attacker to obtain sensitive information via the admin login credentials. | 7.5 |
| 2023-12-28 | CVE-2023-49228 | Use of Hard-coded Credentials vulnerability in Peplink Balance TWO Firmware 8.1.0 An issue was discovered in Peplink Balance Two before 8.4.0. | 6.4 |
| 2023-12-27 | CVE-2023-46918 | Use of Hard-coded Credentials vulnerability in Fedirtsapana Simple Http Server Plus 1.8.1Plus Phlox com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus has an Android manifest file that contains an entry with the android:allowBackup attribute set to true. | 4.6 |
| 2023-12-27 | CVE-2023-46919 | Use of Hard-coded Credentials vulnerability in Fedirtsapana Simple Http Server and Simple Http Server Plus Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K encryption key. | 6.3 |
| 2023-12-26 | CVE-2023-46711 | Use of Hard-coded Credentials vulnerability in Buffalo Vr-S1000 Firmware VR-S1000 firmware Ver. | 4.6 |
| 2023-12-25 | CVE-2023-40236 | Use of Hard-coded Credentials vulnerability in Pexip Virtual Meeting Rooms In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass. | 5.3 |
| 2023-12-20 | CVE-2023-47704 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium KEY Lifecycle Manager 4.2.0 IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. | 7.5 |
| 2023-12-19 | CVE-2023-43870 | Use of Hard-coded Credentials vulnerability in Paxton-Access Net2 6.02/6.07 When installing the Net2 software a root certificate is installed into the trusted store. | 9.8 |
| 2023-12-15 | CVE-2023-48392 | Use of Hard-coded Credentials vulnerability in Kaifa Webitr Attendance System 2.1.0.23 Kaifa Technology WebITR is an online attendance system, it has a vulnerability in using hard-coded encryption key. | 9.8 |