Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-23 | CVE-2019-10688 | Use of Hard-coded Credentials vulnerability in Polycom products VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector (BToE) application 3.9.1, use hard-coded credentials to establish connections between the host application and the device. | 6.8 |
| 2019-04-18 | CVE-2019-9160 | Use of Hard-coded Credentials vulnerability in Xinruidz Sundray WAN Controller Firmware 3.7.4.2 WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static string). | 9.8 |
| 2019-04-11 | CVE-2019-9975 | Use of Hard-coded Credentials vulnerability in Dasannetworks H660Rm Firmware 1.030022 DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. | 7.5 |
| 2019-04-05 | CVE-2019-10479 | Use of Hard-coded Credentials vulnerability in Glory-Global Rbw-100 Firmware Ispk05027.0.0 An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. | 9.8 |
| 2019-03-28 | CVE-2019-3710 | Use of Hard-coded Credentials vulnerability in Dell EMC Networking Os10 Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due to an underlying application using undocumented, pre-installed X.509v3 key/certificate pairs. | 8.1 |
| 2019-03-26 | CVE-2014-5431 | Use of Hard-coded Credentials vulnerability in Baxter Sigma Spectrum Infusion System Firmware 6.05 Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. | 6.8 |
| 2019-03-26 | CVE-2014-5434 | Use of Hard-coded Credentials vulnerability in Baxter Sigma Spectrum Infusion System Firmware 6.05 Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16 has a default account with hard-coded credentials used with the FTP protocol. | 9.8 |
| 2019-03-25 | CVE-2019-10011 | Use of Hard-coded Credentials vulnerability in Jenzabar Internet Campus Solution ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02-06 allows remote attackers to create an arbitrary number of accounts with a password of 1234. | 9.8 |
| 2019-03-25 | CVE-2015-3953 | Use of Hard-coded Credentials vulnerability in Pifzer products Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. | 9.8 |
| 2019-03-21 | CVE-2019-7161 | Use of Hard-coded Credentials vulnerability in Zohocorp Manageengine Adselfservice Plus An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704. | 7.5 |