Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-34688 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2022-07-12 | 2.1 LOW | 3.3 LOW |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker. | |||||
| CVE-2022-0131 | 1 Jmty | 1 Jimoty | 2022-01-24 | 2.1 LOW | 3.3 LOW |
| Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app. | |||||
| CVE-2020-25688 | 1 Redhat | 1 Advanced Cluster Management For Kubernetes | 2020-12-08 | 2.7 LOW | 3.5 LOW |
| A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two internal service APIs were incorrectly provisioned using a test certificate from the source repository. This would result in all installations using the same certificates. If an attacker could observe network traffic internal to a cluster, they could use the private key to decode API requests that should be protected by TLS sessions, potentially obtaining information they would not otherwise be able to. These certificates are not used for service authentication, so no opportunity for impersonation or active MITM attacks were made possible. | |||||
| CVE-2020-12039 | 1 Baxter | 2 Sigma Spectrum Infusion System, Sigma Spectrum Infusion System Firmware | 2020-07-09 | 2.1 LOW | 2.4 LOW |
| Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration values, network configuration of Sigma Spectrum WBM if installed. | |||||
| CVE-2018-5552 | 1 Docutracinc | 1 Dtisqlinstaller | 2019-10-09 | 2.1 LOW | 3.3 LOW |
| Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper". | |||||