Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-14 | CVE-2018-18006 | Use of Hard-coded Credentials vulnerability in Ricoh Myprint 2.2.7/2.9.2.4 Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files. | 9.8 |
| 2018-12-13 | CVE-2018-1887 | Use of Hard-coded Credentials vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.8 |
| 2018-12-13 | CVE-2018-1818 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2018-12-05 | CVE-2018-1650 | Use of Hard-coded Credentials vulnerability in IBM Qradar Incident Forensics IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass the authentication configured by the administrator. | 5.5 |
| 2018-12-04 | CVE-2018-0468 | Use of Hard-coded Credentials vulnerability in Cisco Energy Management Suite 5.2 A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite (CEMS) could allow an authenticated, local attacker to access and alter confidential data. | 7.8 |
| 2018-11-27 | CVE-2018-9083 | Use of Hard-coded Credentials vulnerability in Lenovo System Management Module Firmware 1.05 In System Management Module (SMM) versions prior to 1.06, the SMM contains weak default root credentials which could be used to log in to the device OS -- if the attacker manages to enable SSH or Telnet connections via some other vulnerability. | 8.1 |
| 2018-11-16 | CVE-2018-9073 | Use of Hard-coded Credentials vulnerability in Lenovo Chassis Management Module Firmware Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key to protect certain secrets. | 5.9 |
| 2018-11-15 | CVE-2018-0681 | Use of Hard-coded Credentials vulnerability in NEO Debun Imap and Debun POP Denbun by NEOJAPAN Inc. | 9.8 |
| 2018-11-15 | CVE-2018-0680 | Use of Hard-coded Credentials vulnerability in NEO Debun Imap and Debun POP Denbun by NEOJAPAN Inc. | 9.8 |
| 2018-11-08 | CVE-2018-15439 | Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. | 9.8 |