Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-12 | CVE-2018-17894 | Use of Hard-coded Credentials vulnerability in Nuuo CMS NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access. | 9.8 |
| 2018-10-10 | CVE-2018-17919 | Use of Hard-coded Credentials vulnerability in Xiongmaitech Xmeye P2P Cloud Server All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an attacker to use an undocumented user account "default" with its default password to login to XMeye and access/view video streams. | 6.5 |
| 2018-10-08 | CVE-2018-5399 | Use of Hard-coded Credentials vulnerability in Auto-Maskin Dcu-210E Firmware and Rp-210E Firmware The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. | 9.8 |
| 2018-10-08 | CVE-2018-1742 | Use of Hard-coded Credentials vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.3 |
| 2018-10-05 | CVE-2018-15427 | Use of Hard-coded Credentials vulnerability in Cisco Video Surveillance Manager 7.10/7.11/7.11.1 A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified Computing System (UCS) platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user credentials. | 9.8 |
| 2018-10-05 | CVE-2018-15389 | Use of Hard-coded Credentials vulnerability in Cisco Prime Collaboration 12.1 A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install. | 9.8 |
| 2018-10-02 | CVE-2018-15753 | Use of Hard-coded Credentials vulnerability in Mensamax 4.3 An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. | 7.5 |
| 2018-10-01 | CVE-2018-17217 | Use of Hard-coded Credentials vulnerability in PTC Thingworx Platform An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. | 7.5 |
| 2018-09-26 | CVE-2018-8856 | Use of Hard-coded Credentials vulnerability in Philips E-Alert Firmware 2.1/R2.1 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. | 9.8 |
| 2018-09-18 | CVE-2018-16957 | Use of Hard-coded Credentials vulnerability in Oracle Webcenter Interaction 10.3.3 The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. | 9.8 |