CWE-1188

Initialization of a Resource with an Insecure Default

Parent: CWE-1419 - Incorrect Initialization of Resource

The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

288 vulnerabilities with CWE-1188
CVE-2018-16752 HIGH
LINK-NET LW-N605R Firmware 12.20.2.1486 - Authenticated Remote Code Execution via Ping HOST Field
CVSS 8.8
CVE-2018-3825 MEDIUM
Elastic Cloud Enterprise <1.1.4 - Info Disclosure
CVSS 5.9
CVE-2018-15685 HIGH
Electron 1.7.15, 1.8.7, 2.0.7, 3.0.0-beta.6 - Remote Code Execution via WebPreferences Misconfiguration
CVSS 8.1
CVE-2018-15350 CRITICAL
Kraftway 24F2XG <3.5.30.1118 - Privilege Escalation
CVSS 9.8
CVE-2018-1524 HIGH
IBM Maximo Asset Management <7.6.3 - Privilege Escalation
CVSS 8.8
CVE-2018-3667 HIGH
Intel Processor Diagnostic Tool 4.1.0.24 - Insecure File Permissions Leading to Privilege Escalation
CVSS 7.8
CVE-2018-0263 HIGH
Cisco Meeting Server - Info Disclosure
CVSS 7.4
CVE-2018-5841 HIGH
Android - Insecure Default Resource Initialization in dcc_curr_list
CVSS 7.8
CVE-2018-10968 CRITICAL
D-Link DIR-550A/DIR-604M <v2.10KR - Privilege Escalation
CVSS 9.8
CVE-2018-8014 CRITICAL
Apache Tomcat 9.0.0.M1-9.0.8, 8.5.0-8.5.31, 8.0.0.RC1-8.0.52, 7.0.4...
CVSS 9.8
CVE-2018-10989 MEDIUM
Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 - Info Disclosure
CVSS 6.6
CVE-2018-10251 CRITICAL
Sierra Wireless AirLink - RCE
CVSS 9.8
CVE-2018-3591 CRITICAL
Qualcomm Snapdragon Mobile and Wear Firmware - Insecure Default Configuration in BOOT.BF.3.0
CVSS 9.8
CVE-2018-5770 CRITICAL
Tenda AC15 Firmware - Unauthenticated Telnet Service Activation via /goform/telnet
CVSS 9.8
CVE-2018-0130 CRITICAL
Cisco Elastic Services Controller - Auth Bypass
CVSS 9.8
CVE-2017-12736 HIGH
Siemens SCALANCE and RUGGEDCOM - Unauthenticated Unauthorized Administrative Access via RCDP
CVSS 8.8
CVE-2017-8039 MEDIUM
Pivotal Spring Web Flow <2.4.5 - Info Disclosure
CVSS 5.9
CVE-2017-12739 CRITICAL
Siemens SICAM RTUs SM-2556 COM Modules - RCE
CVSS 9.8
CVE-2017-8021 CRITICAL
EMC ECS <3.1 - Privilege Escalation
CVSS 9.8
CVE-2017-6750 HIGH
Cisco Web Security Appliance - Unauthenticated Static Credentials Vulnerability
CVSS 7.5
CVE-2017-6692 HIGH
Cisco Ultra Services Framework Element Manager - Privilege Escalation
CVSS 8.8
CVE-2017-6689 HIGH
Cisco Elastic Services Controllers <2.2.9.76 - Privilege Escalation
CVSS 8.8
CVE-2017-6688 HIGH
Cisco Elastic Services Controllers <2.2.9.76 - Privilege Escalation
CVSS 8.8
CVE-2017-6687 HIGH
Cisco Ultra Services Framework Element Manager - Privilege Escalation
CVSS 8.8
CVE-2017-6686 HIGH
Cisco Ultra Services Framework Element Manager - Privilege Escalation
CVSS 8.8
Details
Vulnerabilities 288
Links
MITRE CWE Entry Search this CWE With Exploits