Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-23 | CVE-2020-25688 | Use of Hard-coded Credentials vulnerability in Redhat Advanced Cluster Management for Kubernetes A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. | 3.5 |
| 2020-11-23 | CVE-2020-4854 | Use of Hard-coded Credentials vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2020-11-18 | CVE-2020-26097 | Use of Hard-coded Credentials vulnerability in Planet Nvr-1615 Firmware and Nvr-915 Firmware The firmware of the PLANET Technology Corp NVR-915 and NVR-1615 before 2020-10-28 embeds default credentials for root access via telnet. | 9.8 |
| 2020-11-16 | CVE-2020-26509 | Use of Hard-coded Credentials vulnerability in Airleader Master Control Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial of service. | 7.5 |
| 2020-11-06 | CVE-2020-26892 | Use of Hard-coded Credentials vulnerability in multiple products The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. | 9.8 |
| 2020-11-06 | CVE-2020-5667 | Use of Hard-coded Credentials vulnerability in Wantedlyinc Studyplus 6.3.7/8.29.0 Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. | 5.5 |
| 2020-11-04 | CVE-2020-27689 | Use of Hard-coded Credentials vulnerability in Imomobile Verve Connect Vh510 Firmware The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. | 9.8 |
| 2020-10-29 | CVE-2020-11615 | Use of Hard-coded Credentials vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure. | 7.5 |
| 2020-10-29 | CVE-2020-11487 | Use of Hard-coded Credentials vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. | 7.5 |
| 2020-10-29 | CVE-2020-11483 | Use of Hard-coded Credentials vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure. | 9.8 |