Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-26 | CVE-2020-3446 | Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS)-bundled images for Cisco ENCS 5400-W Series and CSP 5000-W Series appliances could allow an unauthenticated, remote attacker to log into the NFVIS CLI of an affected device by using accounts that have a default, static password. | 9.8 |
| 2020-08-25 | CVE-2020-14510 | Use of Hard-coded Credentials vulnerability in Secomea Gatemanager 8250 Firmware 9.2C GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root. | 9.8 |
| 2020-08-21 | CVE-2020-24056 | Use of Hard-coded Credentials vulnerability in Verint 4320 Firmware, 5620Ptz Firmware and S5120Fd Firmware A hardcoded credentials vulnerability exists in Verint 5620PTZ Verint_FW_0_42, Verint 4320 V4320_FW_0_23, V4320_FW_0_31, and Verint S5120FD Verint_FW_0_42units. | 7.5 |
| 2020-08-21 | CVE-2020-24053 | Use of Hard-coded Credentials vulnerability in Moog Exvf5C-2 Firmware and Exvp7C2-3 Firmware Moog EXO Series EXVF5C-2 and EXVP7C2-3 units have a hardcoded credentials vulnerability. | 7.5 |
| 2020-08-21 | CVE-2020-24574 | Use of Hard-coded Credentials vulnerability in GOG Galaxy The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41 (as of 12:58 AM Eastern, 9/26/21) allows local privilege escalation from any authenticated user to SYSTEM by instructing the Windows service to execute arbitrary commands. | 7.8 |
| 2020-08-11 | CVE-2020-16170 | Use of Hard-coded Credentials vulnerability in Robotemi Temi 1.3.3/1.3.7931 Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value via unspecified vectors. | 7.5 |
| 2020-08-06 | CVE-2020-13793 | Use of Hard-coded Credentials vulnerability in Ivanti DSM Netinst 5.1 Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a static, hard-coded encryption key. | 9.8 |
| 2020-08-06 | CVE-2020-7352 | Use of Hard-coded Credentials vulnerability in GOG Galaxy The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. | 8.8 |
| 2020-08-04 | CVE-2020-4459 | Use of Hard-coded Credentials vulnerability in IBM Security Secret Server 10.6/10.7/10.7.000059 IBM Security Verify Access 10.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2020-07-31 | CVE-2020-3382 | Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | 9.8 |