Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-20 | CVE-2018-19233 | Use of Hard-coded Credentials vulnerability in Comparex Miss Marple COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file. | 7.8 |
| 2018-12-14 | CVE-2018-18006 | Use of Hard-coded Credentials vulnerability in Ricoh Myprint 2.2.7/2.9.2.4 Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files. | 9.8 |
| 2018-12-13 | CVE-2018-1887 | Use of Hard-coded Credentials vulnerability in IBM Security Access Manager IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.8 |
| 2018-12-13 | CVE-2018-1818 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2018-12-05 | CVE-2018-1650 | Use of Hard-coded Credentials vulnerability in IBM Qradar Incident Forensics IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass the authentication configured by the administrator. | 5.5 |
| 2018-12-04 | CVE-2018-0468 | Use of Hard-coded Credentials vulnerability in Cisco Energy Management Suite 5.2 A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite (CEMS) could allow an authenticated, local attacker to access and alter confidential data. | 7.8 |
| 2018-11-27 | CVE-2018-9083 | Use of Hard-coded Credentials vulnerability in Lenovo System Management Module Firmware 1.05 In System Management Module (SMM) versions prior to 1.06, the SMM contains weak default root credentials which could be used to log in to the device OS -- if the attacker manages to enable SSH or Telnet connections via some other vulnerability. | 8.1 |
| 2018-11-16 | CVE-2018-9073 | Use of Hard-coded Credentials vulnerability in Lenovo Chassis Management Module Firmware Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key to protect certain secrets. | 5.9 |
| 2018-11-15 | CVE-2018-0681 | Use of Hard-coded Credentials vulnerability in NEO Debun Imap and Debun POP Denbun by NEOJAPAN Inc. | 9.8 |
| 2018-11-15 | CVE-2018-0680 | Use of Hard-coded Credentials vulnerability in NEO Debun Imap and Debun POP Denbun by NEOJAPAN Inc. | 9.8 |