CWE-1188

Initialization of a Resource with an Insecure Default

Parent: CWE-1419 - Incorrect Initialization of Resource

The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

288 vulnerabilities with CWE-1188
CVE-2017-6685 HIGH
Cisco Ultra Services Framework Staging Server - Privilege Escalation
CVSS 8.8
CVE-2017-6684 HIGH
Cisco Elastic Services Controllers - Privilege Escalation
CVSS 8.8
CVE-2017-4971 MEDIUM
Pivotal Spring Web Flow <2.4.4 - Info Disclosure
CVSS 5.9
CVE-2017-9137 HIGH
Ceragon FibeAir IP-10 <7.2.0 - Info Disclosure
CVSS 7.3
CVE-2017-8218 CRITICAL
vsftpd on TP-Link C2/C20i - Auth Bypass
CVSS 9.8
CVE-2017-7964 CRITICAL
Zyxel WRE6505 Firmware < v1.00(aaqb.3)c0 - Default Credentials for TELNET
CVSS 10.0
CVE-2017-3834 CRITICAL
Cisco Aironet 1830/1850 < 8.2.111.0 - RCE via Default SSH Credentials
CVSS 9.8
CVE-2017-5178 CRITICAL
Schneider Electric Tableau Server/Desktop <10.1.3 - Info Disclosure
CVSS 9.8
CVE-2017-5155 HIGH
Schneider Electric Wonderware Historian <2014 R2 SP1 P01 - Info Dis...
CVSS 7.3
CVE-2017-5491 MEDIUM
WordPress < 4.7.1 - Unauthenticated Posting Restriction Bypass via Spoofed Mail Server
CVSS 5.3
CVE-2014-0234 CRITICAL
Red Hat OpenShift Enterprise <2.1 - RCE
CVSS 9.8
CVE-2010-2247 HIGH
makepasswd 1.10 - Insecure Default Password Generation
CVSS 7.5
CVE-2008-3278 HIGH
frysk < 2008-08-05 - Local Privilege Escalation via Insecure RPATH in ELF Binaries
CVSS 7.8