Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-11 | CVE-2019-5158 | Use of Hard-coded Credentials vulnerability in Wago E!Cockpit 1.6.1.5 An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5. | 7.8 |
| 2020-03-11 | CVE-2019-5106 | Use of Hard-coded Credentials vulnerability in Wago E!Cockpit 1.5.1.1 A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e!Cockpit version 1.5.1.1. | 5.5 |
| 2020-03-02 | CVE-2020-4283 | Use of Hard-coded Credentials vulnerability in IBM Security Information Queue IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 8.6 |
| 2020-02-26 | CVE-2020-3165 | Use of Hard-coded Credentials vulnerability in Cisco Nx-Os A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. | 8.2 |
| 2020-02-25 | CVE-2019-5139 | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13 An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of the Moxa AWK-3131A firmware version 1.13. | 7.1 |
| 2020-02-25 | CVE-2019-5137 | Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.13 The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13. | 7.5 |
| 2020-02-19 | CVE-2020-3158 | Use of Hard-coded Credentials vulnerability in Cisco Smart Software Manager On-Prem A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. | 9.1 |
| 2020-02-19 | CVE-2014-9614 | Use of Hard-coded Credentials vulnerability in Netsweeper The Web Panel in Netsweeper before 4.0.5 has a default password of branding for the branding account, which makes it easier for remote attackers to obtain access via a request to webadmin/. | 9.8 |
| 2020-02-14 | CVE-2019-4392 | Use of Hard-coded Credentials vulnerability in Hcltech Appscan 9.0.3.13 HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system. | 9.8 |
| 2020-02-13 | CVE-2013-6362 | Use of Hard-coded Credentials vulnerability in Xerox products Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts. | 9.8 |