Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-24 | CVE-2020-6979 | Use of Hard-coded Credentials vulnerability in Moxa Eds-510E Firmware and Eds-G516E Firmware In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryptographic key, increasing the possibility that confidential data can be recovered. | 5.0 |
| 2020-03-24 | CVE-2020-6985 | Use of Hard-coded Credentials vulnerability in Moxa products In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console. | 10.0 |
| 2020-03-24 | CVE-2020-6983 | Use of Hard-coded Credentials vulnerability in Moxa products In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data can be recovered. | 5.0 |
| 2020-03-23 | CVE-2020-8868 | Use of Hard-coded Credentials vulnerability in Quest Foglight Evolve 9.0.0 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest Foglight Evolve 9.0.0. | 10.0 |
| 2020-03-16 | CVE-2020-6990 | Use of Hard-coded Credentials vulnerability in Rockwellautomation products Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file. | 10.0 |
| 2020-03-13 | CVE-2019-14309 | Use of Hard-coded Credentials vulnerability in Ricoh products Ricoh SP C250DN 1.05 devices have a fixed password. | 5.0 |
| 2020-03-12 | CVE-2020-9435 | Use of Hard-coded Credentials vulnerability in Phoenixcontact products PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices contain a hardcoded certificate (and key) that is used by default for web-based services on the device. | 5.0 |
| 2020-03-11 | CVE-2019-5158 | Use of Hard-coded Credentials vulnerability in Wago E!Cockpit 1.6.1.5 An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5. | 4.3 |
| 2020-03-02 | CVE-2020-4283 | Use of Hard-coded Credentials vulnerability in IBM Security Information Queue IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 5.0 |
| 2020-02-26 | CVE-2020-3165 | Use of Hard-coded Credentials vulnerability in Cisco Nx-Os A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. | 4.3 |