Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-11 | CVE-2018-0040 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services. | 9.8 |
| 2018-07-11 | CVE-2018-0039 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. | 9.8 |
| 2018-07-11 | CVE-2018-0038 | Use of Hard-coded Credentials vulnerability in Juniper Contrail Service Orchestration Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabled by default with hardcoded credentials. | 9.8 |
| 2018-07-11 | CVE-2018-10633 | Use of Hard-coded Credentials vulnerability in Universal-Robots Cb3.1 Firmware 3.4.5100 Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded credentials that may allow an attacker to reset passwords for the controller. | 9.8 |
| 2018-07-03 | CVE-2018-11641 | Use of Hard-coded Credentials vulnerability in Dialogic Powermedia XMS 3.5 Use of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to interact with a web service. | 9.8 |
| 2018-07-03 | CVE-2018-11635 | Use of Hard-coded Credentials vulnerability in Dialogic Powermedia XMS 3.5 Use of a Hard-coded Cryptographic Key used to protect cookie session data in /var/www/xms/application/config/config.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to bypass authentication. | 9.8 |
| 2018-07-03 | CVE-2018-8870 | Use of Hard-coded Credentials vulnerability in Medtronic products Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions contains a hard-coded operating system password. | 6.8 |
| 2018-06-28 | CVE-2018-12924 | Use of Hard-coded Credentials vulnerability in Eztcp products Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of sollae for the TELNET service. | 9.8 |
| 2018-06-26 | CVE-2018-4846 | Use of Hard-coded Credentials vulnerability in Siemens products A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). | 9.8 |
| 2018-06-21 | CVE-2018-12526 | Use of Hard-coded Credentials vulnerability in Telesquare Sdt-Cs3B1 Firmware and Sdt-Cw3B1 Firmware Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. | 9.8 |