Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-4269 | Use of Hard-coded Credentials vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.5 |
| 2020-04-14 | CVE-2020-11723 | Use of Hard-coded Credentials vulnerability in Cellebrite Ufed Firmware Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. | 5.5 |
| 2020-04-08 | CVE-2020-1615 | Use of Hard-coded Credentials vulnerability in Juniper Junos The factory configuration for vMX installations, as shipped, includes default credentials for the root account. | 9.8 |
| 2020-04-08 | CVE-2020-1614 | Use of Hard-coded Credentials vulnerability in Juniper Junos A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. | 10.0 |
| 2020-04-08 | CVE-2020-11543 | Use of Hard-coded Credentials vulnerability in Opsramp Gateway 3.0.0 OpsRamp Gateway before 7.0.0 has a backdoor account vadmin with the password 9vt@f3Vt that allows root SSH access to the server. | 9.8 |
| 2020-04-07 | CVE-2019-13559 | Use of Hard-coded Credentials vulnerability in GE Mark VIE Controll System GE Mark VIe Controller is shipped with pre-configured hard-coded credentials that may allow root-user access to the controller. | 7.8 |
| 2020-03-31 | CVE-2020-4208 | Use of Hard-coded Credentials vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2020-03-26 | CVE-2020-1764 | Use of Hard-coded Credentials vulnerability in multiple products A hard-coded cryptographic key vulnerability in the default configuration file was found in Kiali, all versions prior to 1.15.1. | 8.6 |
| 2020-03-25 | CVE-2020-10884 | Use of Hard-coded Credentials vulnerability in Tp-Link Ac1750 Firmware 190726 This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. | 8.8 |
| 2020-03-25 | CVE-2020-10788 | Use of Hard-coded Credentials vulnerability in It-Novum Openitcockpit openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than generating a random API Key for WebSocket connections. | 9.1 |