Vulnerabilities > Zyxel > Cloudcnm Secumanager > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-09-29 CVE-2020-15347 Insufficiently Protected Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account.
network
low complexity
zyxel CWE-522
critical
 9.8
9.8
2022-09-29 CVE-2020-15332 Cleartext Storage of Sensitive Information vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.
network
low complexity
zyxel CWE-312
critical
 9.8
9.8
2022-09-29 CVE-2020-15331 Missing Encryption of Sensitive Data vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded OAUTH_SECRET_KEY in /opt/axess/etc/default/axess.
network
low complexity
zyxel CWE-311
critical
 9.8
9.8