Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-19 | CVE-2018-5552 | Use of Hard-coded Credentials vulnerability in Docutracinc Dtisqlinstaller 1.6.4.0 Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper". | 3.3 |
| 2018-03-19 | CVE-2018-5551 | Use of Hard-coded Credentials vulnerability in Docutracinc Dtisqlinstaller 1.6.4.0 Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa. | 10.0 |
| 2018-03-16 | CVE-2017-8013 | Use of Hard-coded Credentials vulnerability in EMC Data Protection Advisor 6.3.0/6.4.0 EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. | 9.8 |
| 2018-03-12 | CVE-2016-0235 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium Database Activity Monitor 10.0 IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems. | 8.2 |
| 2018-03-12 | CVE-2018-1206 | Use of Hard-coded Credentials vulnerability in EMC Data Protection Advisor 6.3.0/6.4.0 Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection Advisor versions prior to 6.4 Patch 110 contain a hardcoded database account with administrative privileges. | 7.8 |
| 2018-03-09 | CVE-2018-7229 | Use of Hard-coded Credentials vulnerability in Schneider-Electric products A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and gain administrator privileges because the use of hardcoded credentials. | 9.8 |
| 2018-03-09 | CVE-2014-6617 | Use of Hard-coded Credentials vulnerability in Industrial.Softing Fg-100 PB Profibus Firmware Fgx00Pbv2.02.0.00 Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password for the root account, which allows remote attackers to obtain administrative access via a TELNET session. | 9.8 |
| 2018-03-08 | CVE-2018-1216 | Use of Hard-coded Credentials vulnerability in Dell products A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). | 9.8 |
| 2018-03-08 | CVE-2018-0141 | Use of Hard-coded Credentials vulnerability in Cisco products A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an unauthenticated, local attacker to log in to the underlying Linux operating system. | 8.4 |
| 2018-03-02 | CVE-2017-1787 | Use of Hard-coded Credentials vulnerability in IBM Rational Publishing Engine 2.1.2/6.0.5 IBM Publishing Engine 2.1.2 and 6.0.5 contains an undisclosed vulnerability that could allow a local user with administrative privileges to obtain hard coded user credentials. | 6.7 |