CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,712 vulnerabilities with CWE-798
CVE-2024-49805 CRITICAL
IBM Security Verify Access Appliance <10.0.9 - Info Disclosure
CVSS 9.4
CVE-2024-50377 MEDIUM
Advantech EKI-6333AC-2G/2GD <1.6.5 & EKI-6333AC-1GPO <1.2.2 - Hard-coded Credentials
CVSS 6.5
CVE-2024-36248 CRITICAL
Sharp and Toshiba Tec MFPs - Use of Hard-coded Credentials
CVSS 9.1
CVE-2024-35244 CRITICAL
Multiple Hidden Accounts - Info Disclosure
CVSS 9.1
CVE-2024-10451 MEDIUM
Keycloak < 24.0.9 and 26.0 < 26.0.6 - Use of Hard-coded Credentials via Build Process
CVSS 5.9
CVE-2024-11630 HIGH
E-Lins H685-H900 <3.2 - Hard-coded Credentials
CVSS 7.3
CVE-2024-5722 HIGH
Logsign Unified SecOps Platform 6.4.6-6.4.8 - Unauthenticated Remote Code Execution via Hard-coded Cryptographic Key
CVSS 8.8
CVE-2024-42450 CRITICAL
Versa Director < 22.1.4 - Unauthenticated Use of Hard-coded Credentials in PostgreSQL
CVSS 10.0
CVE-2024-52789 HIGH
Tenda W30E v2.0 V16.01.0.8 - Use of Hard-coded Credentials in /etc_ro/shadow
CVSS 8.0
CVE-2024-52788 HIGH
Tenda W9 Firmware 1.0.0.7(4456) - Use of Hard-coded Credentials in /etc_ro/shadow
CVSS 8.0
CVE-2024-49060 HIGH
Azure Stack HCI < 2411 - Elevation of Privilege via Hard-coded Credentials
CVSS 8.8
CVE-2024-48971 CRITICAL
Baxter Life2000 Ventilation System < 06.08.00.00 - Use of Hard-coded Credentials
CVSS 9.3
CVE-2024-40410 MEDIUM
Cybele Software Thinfinity Workspace <7.0.2.113 - Info Disclosure
CVSS 4.8
CVE-2024-7295 HIGH
Progress Telerik Report Server < 10.3.24.1112 - Use of Hard-coded Credentials
CVSS 7.1
CVE-2024-52295 CRITICAL
DataEase < 2.10.2 - Use of Hard-coded Credentials for JWT Forgery
CVSS 9.8
CVE-2024-11026 LOW
Freenow App 12.10.0 - Use of Hard-coded Password in Keystore Handler
CVSS 3.7
CVE-2024-50593 HIGH
Elefant Service - Privilege Escalation
CVSS 7.8
CVE-2024-10920 LOW
Mariazevedo88 travels-java-api <5.0.1 - Info Disclosure
CVSS 3.1
CVE-2024-10748 LOW
Cosmote Greece What's Up App 4.47.3 - Info Disclosure
CVSS 2.5
CVE-2024-51431 CRITICAL
LB-LINK BL-WR1300H 1.0.4 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2024-31151 HIGH
LevelOne WBR-6012 Firmware - Hard-coded Credentials in Web Services
CVSS 8.1
CVE-2024-28875 HIGH
LevelOne WBR-6012 Firmware - Hard-coded Credentials in Web Services
CVSS 8.1
CVE-2024-45656 CRITICAL
IBM Power System E1080 (9080-hex) Firmware - Hard-coded Credentials
CVSS 9.8
CVE-2024-48539 CRITICAL
Neye3C v4.5.2.0 - Use of Hard-coded Credentials in Firmware Update Mechanism
CVSS 9.8
CVE-2024-20412 CRITICAL
Cisco Firepower Threat Defense - Static Credential Authentication Bypass
CVSS 9.3
Details
Vulnerabilities 1,712
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits