IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information.
IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment.
strongMan is a management interface for strongSwan, an OpenSource IPsec-based VPN. When storing credentials in the database (private keys, EAP secrets), strongMan encrypts the corresponding database f
Siklu EtherHaul 8010 siklu-uimage-nxp-enc-10_6_2-18707-ea552dc00b devices have a static root password.
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application uses a password hashing implementation with a static, hardcoded salt shared across all use
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9
could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text.
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physic
Issue summary: Applications using RSASVE key encapsulation to establish
a secret encryption key can send contents of an uninitialized memory buffer to
a malicious peer.
Impact summary: The uninitiali
A use of hard-coded password vulnerability may allow authentication abuse.This issue affects ELI 380 Resting Electrocardiograph:
Versions 2.6.0 and prior; ELI 280/BUR280/MLBUR 280 Resting Electrocar
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials.
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data.
An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 allows attackers to obtain hardcoded cleartext credentials via the
A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1)
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric
NeuVector used a hard-coded cryptographic key embedded in the source
code. At compilation time, the key value was replaced with the secret
key value and used to encrypt sensitive configurations whe
The use of a hard-coded encryption key in calls to the Password function in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows a local attacker to decrypt database credentials by
Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One h
Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attack
Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in Vedo Suite version 2024.17. This file contains clear-text credentials, secret keys, and database infor
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption.