CWE-798

High likelihood

Use of Hard-coded Credentials

Parent: CWE-1391 - Use of Weak Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

1,721 vulnerabilities with CWE-798
CVE-2020-9279 CRITICAL
D-Link DSL-2640B B2 EU_4.01B - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-11878 CRITICAL
Jitsi Meet < stable-4384-1 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-4269 HIGH
IBM QRadar 7.3.0-7.3.3 Patch 2 - Use of Hard-coded Credentials
CVSS 7.5
CVE-2020-11723 MEDIUM
Cellebrite UFED 5.0-7.29 - Use of Hard-coded Credentials for ADB Authentication
CVSS 5.5
CVE-2020-1615 CRITICAL
Juniper Junos OS vMX - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-1614 CRITICAL
Juniper Junos < 19.2 - Use of Hard-coded Credentials in NFX250 vSRX VNF
CVSS 10.0
CVE-2020-11543 CRITICAL
OpsRamp Gateway < 7.0.0 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-4208 CRITICAL
IBM Spectrum Protect Plus 10.1.0-10.1.5 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-1764 HIGH
Kiali < 1.15.1 - Authentication Bypass via Hard-coded Cryptographic Key
CVSS 8.6
CVE-2020-10884 HIGH
TP-Link Archer A7 Firmware <190726 - RCE
CVSS 8.8
CVE-2020-10788 CRITICAL
openITCOCKPIT <3.7.3 - Info Disclosure
CVSS 9.1
CVE-2020-6981 CRITICAL
Moxa EDS-G516E and EDS-510E Firmware < 5.2 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-6979 HIGH
Moxa EDS-G516E <5.2 - Info Disclosure
CVSS 7.5
CVE-2020-6985 CRITICAL
Moxa PT-7528 and PT-7828 Series Firmware - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-6983 HIGH
Moxa PT-7528/7828 <4.0/<3.9 - Info Disclosure
CVSS 7.5
CVE-2020-8868 CRITICAL
Quest Foglight Evolve 9.0.0 - Unauthenticated Remote Code Execution via Hard-coded Credentials
CVSS 9.8
CVE-2020-6990 CRITICAL
Rockwell Automation MicroLogix - Info Disclosure
CVSS 9.8
CVE-2020-9435 HIGH
PHOENIX CONTACT TC Router and TC Cloud Client - Use of Hard-coded Credentials
CVSS 7.5
CVE-2020-4283 HIGH
IBM Security Information Queue 1.0.0-1.0.4 - Use of Hard-coded Credentials
CVSS 8.6
CVE-2020-3165 HIGH
Cisco NX-OS - Unauthenticated BGP MD5 Authentication Bypass via Long VRF Name
CVSS 8.2
CVE-2020-3158 CRITICAL
Cisco Smart Software Manager On-Prem - Privilege Escalation
CVSS 9.1
CVE-2020-8964 CRITICAL
TimeTools SR/SC/T Series Firmware - Unauthenticated Authentication Bypass via Hardcoded Cookie
CVSS 9.8
CVE-2020-8657 CRITICAL KEV
EyesOfNetwork 5.1-5.3 AutoDiscovery Target Command Execution
CVSS 9.8
CVE-2020-5222 MEDIUM
Opencast < 7.6 - Use of Hard-coded Credentials via Remember-Me Cookie
CVSS 6.8
CVE-2020-8001 CRITICAL
Intellian Aptus <1.0.2 - Info Disclosure
CVSS 9.8
Details
Vulnerabilities 1,721
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits