Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-15389 | Use of Hard-coded Credentials vulnerability in Cisco Prime Collaboration 12.1 A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install. | 9.8 |
| 2018-10-02 | CVE-2018-15753 | Use of Hard-coded Credentials vulnerability in Mensamax 4.3 An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. | 7.5 |
| 2018-10-01 | CVE-2018-17217 | Use of Hard-coded Credentials vulnerability in PTC Thingworx Platform An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. | 7.5 |
| 2018-09-26 | CVE-2018-8856 | Use of Hard-coded Credentials vulnerability in Philips E-Alert Firmware 2.1/R2.1 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. | 9.8 |
| 2018-09-18 | CVE-2018-16957 | Use of Hard-coded Credentials vulnerability in Oracle Webcenter Interaction 10.3.3 The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. | 9.8 |
| 2018-09-07 | CVE-2018-0663 | Use of Hard-coded Credentials vulnerability in Iodata products Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector. | 8.8 |
| 2018-09-05 | CVE-2018-16546 | Use of Hard-coded Credentials vulnerability in Amcrest Ipc-Hx1X3X-Lexus ENG N Amcrest V2.420.Ac01.3.R.20180206 Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206. | 5.9 |
| 2018-08-30 | CVE-2018-14901 | Use of Hard-coded Credentials vulnerability in Epson Iprint 6.6.3 The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services. | 7.5 |
| 2018-08-30 | CVE-2018-13820 | Use of Hard-coded Credentials vulnerability in CA Unified Infrastructure Management 8.4.7/8.5/8.5.1 A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information. | 7.5 |
| 2018-08-30 | CVE-2018-13819 | Use of Hard-coded Credentials vulnerability in CA Unified Infrastructure Management 8.4.7/8.5/8.5.1 A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information. | 7.5 |