CVE-2021-41320
MEDIUMWallstreet Suite TRM 7.4.83 - Use of Hard-coded Credentials
Title source: llmDescription
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with higher privilege than the average authenticated user. NOTE: the vendor disputes this because the password is not hardcoded (it can be changed during installation or at any later time).
References (4)
Core 4
Core References
Various Sources
https://cds.thalesgroup.com/en/tcs-cert/CVE-2021-41320
Various Sources
https://client-connect.iongroup.com/library/content/treasury-management/wallstreet-suite/security/suite-7-4-83/user-passwords/
Third Party Advisory
https://excellium-services.com/cert-xlm-advisory/CVE-2021-41320
Product, Vendor Advisory
https://iongroup.com/ion-treasury/products/wallstreet-suite/
Scores
CVSS v3
5.5
EPSS
0.0023
EPSS Percentile
13.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-798
Status
published
Products (1)
iongroup/wallstreet_suite
7.4.83
Published
Oct 15, 2021
Tracked Since
Feb 18, 2026