Common Weakness Enumeration

CWE-798

Allowed-with-Review

Use of Hard-coded Credentials

Abstraction: Base · Status: Draft

The product contains hard-coded credentials, such as a password or cryptographic key.

2173 vulnerabilities reference this CWE, most recent first.

CVE-2021-40342 (GCVE-0-2021-40342)

Vulnerability from cvelistv5 – Published: 2023-01-05 21:27 – Updated: 2025-04-10 14:07
VLAI
Title
Use of default key for encryption
Summary
In the DES implementation, the affected product versions use a default key for encryption. Successful exploitation allows an attacker to obtain sensitive information and gain access to the network elements that are managed by the affected products versions. This issue affects * FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; * UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C. List of CPEs: * cpe:2.3:a:hitachienergy:foxman-un:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R16A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R14A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11B:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R11A:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R10C:*:*:*:*:*:*:* * cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
Impacted products
Vendor Product Version
Hitachi Energy FOXMAN-UN Affected: FOXMAN-UN R16A
Affected: FOXMAN-UN R15B
Affected: FOXMAN-UN R15A
Affected: FOXMAN-UN R14B
Affected: FOXMAN-UN R14A
Affected: FOXMAN-UN R11B
Affected: FOXMAN-UN R11A
Affected: FOXMAN-UN R10C
Affected: FOXMAN-UN R9C
Create a notification for this product.
Hitachi Energy UNEM Affected: UNEM R16A
Affected: UNEM R15B
Affected: UNEM R15A
Affected: UNEM R14B
Affected: UNEM R14A
Affected: UNEM R11B
Affected: UNEM R11A
Affected: UNEM R10C
Affected: UNEM R9C
Create a notification for this product.
Date Public
2022-12-13 13:30
Credits
K-Businessom AG, Austria
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.935Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000083\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000084\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-40342",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-10T14:07:13.855207Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-10T14:07:23.190Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FOXMAN-UN",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "FOXMAN-UN R16A"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R15B"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R15A"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R14B"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R14A"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R11B"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R11A"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R10C"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R9C"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "UNEM",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "UNEM R16A"
            },
            {
              "status": "affected",
              "version": "UNEM R15B"
            },
            {
              "status": "affected",
              "version": "UNEM R15A"
            },
            {
              "status": "affected",
              "version": "UNEM R14B"
            },
            {
              "status": "affected",
              "version": "UNEM R14A"
            },
            {
              "status": "affected",
              "version": "UNEM R11B"
            },
            {
              "status": "affected",
              "version": "UNEM R11A"
            },
            {
              "status": "affected",
              "version": "UNEM R10C"
            },
            {
              "status": "affected",
              "version": "UNEM R9C"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "K-Businessom AG, Austria"
        }
      ],
      "datePublic": "2022-12-13T13:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn the DES implementation, the affected product versions use a default key for encryption. Successful exploitation allows an attacker \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eto obtain sensitive information and gain access to the network elements that are managed by the affected products versions.\u003c/span\u003e\n\n\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eThis issue affects \u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eFOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; \u003c/li\u003e\u003cli\u003eUNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003eList of CPEs: \u003cbr\u003e\u003cul\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:foxman-un:R16A:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:unem:R16A:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:unem:R14B:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:unem:R14A:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:unem:R11B:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:unem:R11A:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:unem:R10C:*:*:*:*:*:*:*\u003c/li\u003e\u003cli\u003ecpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*\u003c/li\u003e\u003c/ul\u003e\n\n\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "\nIn the DES implementation, the affected product versions use a default key for encryption. Successful exploitation allows an attacker to obtain sensitive information and gain access to the network elements that are managed by the affected products versions.\n\n\n\n\n\nThis issue affects \n\n\n\n  *  FOXMAN-UN product: FOXMAN-UN R16A, FOXMAN-UN R15B, FOXMAN-UN R15A, FOXMAN-UN R14B, FOXMAN-UN R14A, FOXMAN-UN R11B, FOXMAN-UN R11A, FOXMAN-UN R10C, FOXMAN-UN R9C; \n  *  UNEM product: UNEM R16A, UNEM R15B, UNEM R15A, UNEM R14B, UNEM R14A, UNEM R11B, UNEM R11A, UNEM R10C, UNEM R9C.\n\n\n\n\nList of CPEs: \n  *  cpe:2.3:a:hitachienergy:foxman-un:R16A:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:foxman-un:R15B:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:foxman-un:R15A:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:foxman-un:R14B:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:foxman-un:R14A:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:foxman-un:R11B:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:foxman-un:R11A:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:foxman-un:R10C:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:foxman-un:R9C:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:unem:R16A:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:unem:R15B:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:unem:R15A:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:unem:R14B:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:unem:R14A:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:unem:R11B:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:unem:R11A:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:unem:R10C:*:*:*:*:*:*:*\n  *  cpe:2.3:a:hitachienergy:unem:R9C:*:*:*:*:*:*:*\n\n\n\n\n\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-20",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-20 Encryption Brute Forcing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-05T21:27:02.929Z",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000083\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        },
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000084\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Use of default key for encryption",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\n\nThe vulnerabilities are partially remediated in FOXMAN-UN R16A or UNEM R16A, the full remediation will be done in the upcoming release (planned).\n\u003cbr\u003e\u003cbr\u003eFor immediate recommended mitigation actions if using FOXMAN-UN R16A or UNEM R16A,\nplease refer to the \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDatabase contains credentials with weak encryption\u003c/span\u003e\n\nclause of section Mitigation Factors/Workarounds\nin the respective products\u0027 advisory.\n\u003cbr\u003e\u003cbr\u003eFor immediate recommended mitigation actions if using FOXMAN-UN R15B or UNEM R15B and earlier, please refer to the multiple clauses of section Mitigation Factors/Workarounds in the advisory\u003cbr\u003e\u003cul\u003e\u003cli\u003eSecure the NMS CLIENT/SERVER communication. \u003c/li\u003e\u003cli\u003eEmbedded FOXCST with RADIUS authentication should be avoided. \u003c/li\u003e\u003cli\u003eDatabase contains credentials with weak encryption.\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "\n\n\nThe vulnerabilities are partially remediated in FOXMAN-UN R16A or UNEM R16A, the full remediation will be done in the upcoming release (planned).\n\n\nFor immediate recommended mitigation actions if using FOXMAN-UN R16A or UNEM R16A,\nplease refer to the \n\nDatabase contains credentials with weak encryption\n\nclause of section Mitigation Factors/Workarounds\nin the respective products\u0027 advisory.\n\n\nFor immediate recommended mitigation actions if using FOXMAN-UN R15B or UNEM R15B and earlier, please refer to the multiple clauses of section Mitigation Factors/Workarounds in the advisory\n  *  Secure the NMS CLIENT/SERVER communication. \n  *  Embedded FOXCST with RADIUS authentication should be avoided. \n  *  Database contains credentials with weak encryption.\n\n\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2021-40342",
    "datePublished": "2023-01-05T21:27:02.929Z",
    "dateReserved": "2021-08-31T20:24:21.499Z",
    "dateUpdated": "2025-04-10T14:07:23.190Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35961 (GCVE-0-2021-35961)

Vulnerability from cvelistv5 – Published: 2021-07-16 15:20 – Updated: 2024-09-17 01:16
VLAI
Title
TAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system - Use of Hard-coded Credentials
Summary
Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission.
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
Vendor Product Version
TAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system Affected: unspecified , ≤ 3.4.0.0.3.12_20210525 (custom)
Create a notification for this product.
Date Public
2021-07-15 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:47:42.562Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.twcert.org.tw/tw/cp-132-4905-c99ac-1.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.chtsecurity.com/news/2e4e69d5-2e32-4f73-ac7e-a66432e020e4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Personnel Attendance system"
          ],
          "product": "Door Access Control and Personnel Attendance Management system",
          "vendor": "TAIWAN SECOM CO., LTD.,",
          "versions": [
            {
              "lessThanOrEqual": "3.4.0.0.3.12_20210525",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-07-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-16T15:20:34.000Z",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.twcert.org.tw/tw/cp-132-4905-c99ac-1.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.chtsecurity.com/news/2e4e69d5-2e32-4f73-ac7e-a66432e020e4"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Update to:\nPersonnel Attendance system ver. 3.4.0.0.3.12_20210525"
        }
      ],
      "source": {
        "advisory": "TVN-202107002",
        "discovery": "EXTERNAL"
      },
      "title": "TAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system - Use of Hard-coded Credentials",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "TWCERT/CC",
          "ASSIGNER": "cve@cert.org.tw",
          "DATE_PUBLIC": "2021-07-15T11:19:00.000Z",
          "ID": "CVE-2021-35961",
          "STATE": "PUBLIC",
          "TITLE": "TAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system - Use of Hard-coded Credentials"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Door Access Control and Personnel Attendance Management system",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Personnel Attendance system",
                            "version_affected": "\u003c=",
                            "version_value": "3.4.0.0.3.12_20210525"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "TAIWAN SECOM CO., LTD.,"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-798 Use of Hard-coded Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.twcert.org.tw/tw/cp-132-4905-c99ac-1.html",
              "refsource": "MISC",
              "url": "https://www.twcert.org.tw/tw/cp-132-4905-c99ac-1.html"
            },
            {
              "name": "https://www.chtsecurity.com/news/2e4e69d5-2e32-4f73-ac7e-a66432e020e4",
              "refsource": "MISC",
              "url": "https://www.chtsecurity.com/news/2e4e69d5-2e32-4f73-ac7e-a66432e020e4"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Update to:\nPersonnel Attendance system ver. 3.4.0.0.3.12_20210525"
          }
        ],
        "source": {
          "advisory": "TVN-202107002",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2021-35961",
    "datePublished": "2021-07-16T15:20:34.752Z",
    "dateReserved": "2021-06-30T00:00:00.000Z",
    "dateUpdated": "2024-09-17T01:16:12.106Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35252 (GCVE-0-2021-35252)

Vulnerability from cvelistv5 – Published: 2022-12-16 00:00 – Updated: 2025-04-17 20:18
VLAI
Title
Common Key Vulnerability in Serv-U FTP Server
Summary
Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
Impacted products
Credits
SecureWorks Disclosure Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:33:51.290Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-2_release_notes.htm",
            "tags": [
              "x_transferred"
            ],
            "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-2_release_notes.htm"
          },
          {
            "name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35252",
            "tags": [
              "x_transferred"
            ],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35252"
          },
          {
            "name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35252",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35252"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-35252",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-17T20:17:44.705409Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-17T20:18:01.478Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Serv-U FTP Server",
          "vendor": "SolarWinds",
          "versions": [
            {
              "status": "affected",
              "version": "15.3.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "SecureWorks Disclosure Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext."
            }
          ],
          "value": "Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-21",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-21 Exploitation of Trusted Credentials"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-23T12:45:56.851Z",
        "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "shortName": "SolarWinds"
      },
      "references": [
        {
          "name": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-2_release_notes.htm",
          "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-2_release_notes.htm"
        },
        {
          "name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35252",
          "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35252"
        },
        {
          "name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35252",
          "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35252"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "SolarWinds advises to upgrade to the latest version of Serv-U 15.3.2 once became generally available."
            }
          ],
          "value": "SolarWinds advises to upgrade to the latest version of Serv-U 15.3.2 once became generally available."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Common Key Vulnerability in Serv-U FTP Server",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
    "assignerShortName": "SolarWinds",
    "cveId": "CVE-2021-35252",
    "datePublished": "2022-12-16T00:00:00.000Z",
    "dateReserved": "2021-06-22T00:00:00.000Z",
    "dateUpdated": "2025-04-17T20:18:01.478Z",
    "serial": 1,
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-35232 (GCVE-0-2021-35232)

Vulnerability from cvelistv5 – Published: 2021-12-27 18:48 – Updated: 2024-09-17 03:44
VLAI
Title
Hard credentials discovered in SolarWinds Web Help Desk which allows to execute Arbitrary Hibernate Queries
Summary
Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users or insert arbitrary data into the database.
CWE
  • CWE-798 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
Vendor Product Version
SolarWinds Web Help Desk Affected: 12.7.7 and previous versions , < 12.7.7 HF 1 (custom)
Create a notification for this product.
Date Public
2021-12-21 16:00
Credits
Shubham Shah
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:33:51.242Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35232"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-7-Hotfix-1-Release-Notes?language=en_US"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Web Help Desk",
          "vendor": "SolarWinds",
          "versions": [
            {
              "lessThan": "12.7.7 HF 1",
              "status": "affected",
              "version": "12.7.7 and previous versions",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Shubham Shah"
        }
      ],
      "datePublic": "2021-12-21T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eHard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users or insert arbitrary data into the database.\u003c/p\u003e"
            }
          ],
          "value": "Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users or insert arbitrary data into the database."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-03T20:30:17.665Z",
        "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "shortName": "SolarWinds"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35232"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-7-Hotfix-1-Release-Notes?language=en_US"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSolarWinds advises the customers to upgrade to the latest Web Help Desk 12.7.7 Hotfix 1 product release once it becomes generally available.\u003c/p\u003e"
            }
          ],
          "value": "SolarWinds advises the customers to upgrade to the latest Web Help Desk 12.7.7 Hotfix 1 product release once it becomes generally available."
        }
      ],
      "source": {
        "defect": [
          "CVE-2021-35232"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Hard credentials discovered in SolarWinds Web Help Desk which allows to execute Arbitrary Hibernate Queries",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@solarwinds.com",
          "DATE_PUBLIC": "2021-12-22T15:45:00.000Z",
          "ID": "CVE-2021-35232",
          "STATE": "PUBLIC",
          "TITLE": "Hard credentials discovered in SolarWinds Web Help Desk which allows to execute Arbitrary Hibernate Queries"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Help Desk",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "12.7.7 and previous versions",
                            "version_value": "12.7.7 HF 1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SolarWinds"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Shubham Shah"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users or insert arbitrary data into the database."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35232",
              "refsource": "MISC",
              "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35232"
            },
            {
              "name": "https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-7-Hotfix-1-Release-Notes?language=en_US",
              "refsource": "MISC",
              "url": "https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-7-Hotfix-1-Release-Notes?language=en_US"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "SolarWinds advises the customers to upgrade to the latest Web Help Desk 12.7.7 Hotfix 1 product release once it becomes generally available."
          }
        ],
        "source": {
          "defect": [
            "CVE-2021-35232"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
    "assignerShortName": "SolarWinds",
    "cveId": "CVE-2021-35232",
    "datePublished": "2021-12-27T18:48:18.158Z",
    "dateReserved": "2021-06-22T00:00:00.000Z",
    "dateUpdated": "2024-09-17T03:44:02.601Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34812 (GCVE-0-2021-34812)

Vulnerability from cvelistv5 – Published: 2021-06-18 03:00 – Updated: 2024-09-17 01:31
VLAI
Summary
Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors.
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
Vendor Product Version
Synology Synology Calendar Affected: unspecified , < 2.4.0-0761 (custom)
Create a notification for this product.
Date Public
2021-06-17 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:26:54.053Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_21_12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Synology Calendar",
          "vendor": "Synology",
          "versions": [
            {
              "lessThan": "2.4.0-0761",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798: Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-18T03:00:12.000Z",
        "orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
        "shortName": "synology"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_21_12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@synology.com",
          "DATE_PUBLIC": "2021-06-17T06:30:42.194294",
          "ID": "CVE-2021-34812",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Synology Calendar",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "2.4.0-0761"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Synology"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-798: Use of Hard-coded Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_21_12",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_21_12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
    "assignerShortName": "synology",
    "cveId": "CVE-2021-34812",
    "datePublished": "2021-06-18T03:00:12.747Z",
    "dateReserved": "2021-06-16T00:00:00.000Z",
    "dateUpdated": "2024-09-17T01:31:29.491Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34577 (GCVE-0-2021-34577)

Vulnerability from cvelistv5 – Published: 2022-11-09 16:11 – Updated: 2025-05-01 19:16
VLAI
Title
Hardcoded credentials in Kaden PICOFLUX AiR
Summary
In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
Vendor Product Version
Kaden PICOFLUX AiR Affected: all
Create a notification for this product.
Date Public
2021-09-16 10:00
Credits
Libor POLČÁK reported to CERT@VDE
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:46.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34577"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34577",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-01T19:16:21.657086Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-01T19:16:45.077Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "PICOFLUX AiR",
          "vendor": "Kaden",
          "versions": [
            {
              "status": "affected",
              "version": "all"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Libor POL\u010c\u00c1K reported to CERT@VDE"
        }
      ],
      "datePublic": "2021-09-16T10:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device."
            }
          ],
          "value": "In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-21",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-21 Exploitation of Trusted Credentials"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-09T16:11:03.018Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34577"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Hardcoded credentials in Kaden PICOFLUX AiR",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2021-34577",
    "datePublished": "2022-11-09T16:11:03.018Z",
    "dateReserved": "2021-06-10T19:19:08.025Z",
    "dateUpdated": "2025-05-01T19:16:45.077Z",
    "requesterUserId": "520cc88b-a1c8-44f6-9154-21a4d74c769f",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34571 (GCVE-0-2021-34571)

Vulnerability from cvelistv5 – Published: 2021-09-16 12:20 – Updated: 2024-09-16 16:13
VLAI
Title
Hard-coded Credentials in Enbra Wireless M-Bus devices
Summary
Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an option to change the encryption key. An adversary can learn all information that is available in Enbra EWM.
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
Vendor Product Version
Enbra AT-WMBUS-16-2 Unknown: all
Create a notification for this product.
Enbra ER-AM DN 15 Unknown: ER-AM DN 15/SV all
Unknown: ER-AM DN 15/TV all
Create a notification for this product.
Enbra EWM 1.7.29 Affected: 03.11.2019
Create a notification for this product.
Date Public
2021-08-31 00:00
Credits
Libor POLČÁK reported to CERT@VDE
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:12:50.369Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34571.en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AT-WMBUS-16-2",
          "vendor": "Enbra",
          "versions": [
            {
              "status": "unknown",
              "version": "all"
            }
          ]
        },
        {
          "product": "ER-AM DN 15",
          "vendor": "Enbra",
          "versions": [
            {
              "status": "unknown",
              "version": "ER-AM DN 15/SV all"
            },
            {
              "status": "unknown",
              "version": "ER-AM DN 15/TV all"
            }
          ]
        },
        {
          "product": "EWM 1.7.29",
          "vendor": "Enbra",
          "versions": [
            {
              "status": "affected",
              "version": "03.11.2019"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Libor POL\u010c\u00c1K reported to CERT@VDE"
        }
      ],
      "datePublic": "2021-08-31T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an option to change the encryption key. An adversary can learn all information that is available in Enbra EWM."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-16T12:20:15.000Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34571.en"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Hard-coded Credentials in Enbra Wireless M-Bus devices",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2021-08-31T22:00:00.000Z",
          "ID": "CVE-2021-34571",
          "STATE": "PUBLIC",
          "TITLE": "Hard-coded Credentials in Enbra Wireless M-Bus devices"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "AT-WMBUS-16-2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_value": "all"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ER-AM DN 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "?",
                            "version_name": "ER-AM DN 15/SV",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "?",
                            "version_name": "ER-AM DN 15/TV",
                            "version_value": "all"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "EWM 1.7.29",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "03.11.2019"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Enbra"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Libor POL\u010c\u00c1K reported to CERT@VDE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an option to change the encryption key. An adversary can learn all information that is available in Enbra EWM."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-798 Use of Hard-coded Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34571.en",
              "refsource": "CONFIRM",
              "url": "https://www.fit.vutbr.cz/~polcak/CVE-2021-34571.en"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2021-34571",
    "datePublished": "2021-09-16T12:20:15.225Z",
    "dateReserved": "2021-06-10T00:00:00.000Z",
    "dateUpdated": "2024-09-16T16:13:55.210Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34565 (GCVE-0-2021-34565)

Vulnerability from cvelistv5 – Published: 2021-08-31 10:33 – Updated: 2024-09-17 03:22
VLAI
Title
In WirelessHART-Gateway versions 3.0.7 to 3.0.9 hard-coded credentials have been found
Summary
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials.
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
Vendor Product Version
Phoenix Contact WHA-GW-F2D2-0-AS- Z2-ETH Affected: 3.0.7 , < 3.0.7* (custom)
Affected: 3.0.9 , ≤ 3.0.9 (custom)
Create a notification for this product.
Phoenix Contact WHA-GW-F2D2-0-AS- Z2-ETH.EIP Affected: 3.0.7 , < 3.0.7* (custom)
Affected: 3.0.9 , ≤ 3.0.9 (custom)
Create a notification for this product.
Date Public
2021-08-16 00:00
Credits
Pepperl+Fuchs reported this vulnerability. CERT@VDE coordinated.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:12:50.412Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2021-027"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WHA-GW-F2D2-0-AS- Z2-ETH",
          "vendor": "Phoenix Contact",
          "versions": [
            {
              "lessThan": "3.0.7*",
              "status": "affected",
              "version": "3.0.7",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "3.0.9",
              "status": "affected",
              "version": "3.0.9",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "WHA-GW-F2D2-0-AS- Z2-ETH.EIP",
          "vendor": "Phoenix Contact",
          "versions": [
            {
              "lessThan": "3.0.7*",
              "status": "affected",
              "version": "3.0.7",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "3.0.9",
              "status": "affected",
              "version": "3.0.9",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Pepperl+Fuchs reported this vulnerability. CERT@VDE coordinated."
        }
      ],
      "datePublic": "2021-08-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-31T10:33:00.000Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2021-027"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "No update available."
        }
      ],
      "source": {
        "advisory": "VDE-2021-027",
        "discovery": "INTERNAL"
      },
      "title": "In WirelessHART-Gateway versions 3.0.7 to 3.0.9 hard-coded credentials have been found",
      "workarounds": [
        {
          "lang": "en",
          "value": "An external protective measure is required.\n\n* Minimize network exposure for affected products and ensure that they are not accessible via the Internet.\n* Isolate affected products from the corporate network.\n* If remote access is required, use secure methods such as virtual private networks (VPNs)."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2021-08-16T07:07:00.000Z",
          "ID": "CVE-2021-34565",
          "STATE": "PUBLIC",
          "TITLE": "In WirelessHART-Gateway versions 3.0.7 to 3.0.9 hard-coded credentials have been found"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WHA-GW-F2D2-0-AS- Z2-ETH",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_name": "3.0.7",
                            "version_value": "3.0.7"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "3.0.9",
                            "version_value": "3.0.9"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "WHA-GW-F2D2-0-AS- Z2-ETH.EIP",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_name": "3.0.7",
                            "version_value": "3.0.7"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "3.0.9",
                            "version_value": "3.0.9"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Phoenix Contact"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Pepperl+Fuchs reported this vulnerability. CERT@VDE coordinated."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with hard-coded credentials."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-798 Use of Hard-coded Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2021-027",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2021-027"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "No update available."
          }
        ],
        "source": {
          "advisory": "VDE-2021-027",
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "An external protective measure is required.\n\n* Minimize network exposure for affected products and ensure that they are not accessible via the Internet.\n* Isolate affected products from the corporate network.\n* If remote access is required, use secure methods such as virtual private networks (VPNs)."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2021-34565",
    "datePublished": "2021-08-31T10:33:00.698Z",
    "dateReserved": "2021-06-10T00:00:00.000Z",
    "dateUpdated": "2024-09-17T03:22:29.106Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-33540 (GCVE-0-2021-33540)

Vulnerability from cvelistv5 – Published: 2021-06-25 18:26 – Updated: 2024-09-17 03:18
VLAI
Title
Phoenix Contact: Undocumented FTP acces in certain AXL F BK and IL BK devices
Summary
In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists.
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
Vendor Product Version
Phoenix Contact AXL F BK Affected: AXL F PN TPS XC (1068857) , < 1.30 (custom)
Affected: AXL F EIP EF (2702782) , < 1.30 (custom)
Create a notification for this product.
Phoenix Contact AXL F BK Affected: AXL F PN TPS (2403869) , < 1.30 (custom)
Create a notification for this product.
Phoenix Contact AXL F BK Affected: AXL F EIP (2688394) , < 1.30 (custom)
Affected: AXL F ETH (2688459) , < 1.30 (custom)
Affected: AXL F ETH XC (2701949) , < 1.30 (custom)
Affected: AXL F S3 (2701686) , < 1.40 (custom)
Create a notification for this product.
Phoenix Contact AXL F BK Affected: AXL F PN (2701815) all revisions
Affected: AXL F PN XC (2701222) all revisions
Affected: AXL F ETH NET2 (2702177) all revisions
Affected: AXL F SAS (2701457) all revisions
Create a notification for this product.
Phoenix Contact IL Affected: IL PN BK-PAC (2403696) all revisions
Affected: IL PN BK DI8 DO4 2TX-PAC (2703994) all revisions
Affected: IL PN BK DI8 DO4 2SCRJ-PAC (2878379) all revisions
Affected: IL ETH BK DI8 DO4 2TX-XC-PAC (2701388) all revisions
Affected: IL ETH BK DI8 DO4 2TX-PAC (2703981) all revisions
Affected: IL EIP BK DI8 DO4 2TX-PAC (2897758) all revisions
Affected: IL S3 BK DI8 DO4 2TX-PAC (2692380) all revisions
Create a notification for this product.
Date Public
2021-06-23 00:00
Credits
This vulnerability was discovered by Secuvera. PHOENIX CONTACT thanks CERT@VDE for the coordination and support with this publication.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:50:42.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2021-021"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "HW \u003c 01"
          ],
          "product": "AXL F BK",
          "vendor": "Phoenix Contact",
          "versions": [
            {
              "lessThan": "1.30",
              "status": "affected",
              "version": "AXL F PN TPS XC (1068857)",
              "versionType": "custom"
            },
            {
              "lessThan": "1.30",
              "status": "affected",
              "version": "AXL F EIP EF (2702782)",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "HW \u003c 02"
          ],
          "product": "AXL F BK",
          "vendor": "Phoenix Contact",
          "versions": [
            {
              "lessThan": "1.30",
              "status": "affected",
              "version": "AXL F PN TPS (2403869)",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "HW \u003c 05"
          ],
          "product": "AXL F BK",
          "vendor": "Phoenix Contact",
          "versions": [
            {
              "lessThan": "1.30",
              "status": "affected",
              "version": "AXL F EIP (2688394)",
              "versionType": "custom"
            },
            {
              "lessThan": "1.30",
              "status": "affected",
              "version": "AXL F ETH (2688459)",
              "versionType": "custom"
            },
            {
              "lessThan": "1.30",
              "status": "affected",
              "version": "AXL F ETH XC (2701949)",
              "versionType": "custom"
            },
            {
              "lessThan": "1.40",
              "status": "affected",
              "version": "AXL F S3 (2701686)",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "AXL F BK",
          "vendor": "Phoenix Contact",
          "versions": [
            {
              "status": "affected",
              "version": "AXL F PN (2701815) all revisions"
            },
            {
              "status": "affected",
              "version": "AXL F PN XC (2701222) all revisions"
            },
            {
              "status": "affected",
              "version": "AXL F ETH NET2 (2702177) all revisions"
            },
            {
              "status": "affected",
              "version": "AXL F SAS (2701457) all revisions"
            }
          ]
        },
        {
          "product": "IL",
          "vendor": "Phoenix Contact",
          "versions": [
            {
              "status": "affected",
              "version": "IL PN BK-PAC (2403696) all revisions"
            },
            {
              "status": "affected",
              "version": "IL PN BK DI8 DO4 2TX-PAC (2703994) all revisions"
            },
            {
              "status": "affected",
              "version": "IL PN BK DI8 DO4 2SCRJ-PAC (2878379) all revisions"
            },
            {
              "status": "affected",
              "version": "IL ETH BK DI8 DO4 2TX-XC-PAC (2701388) all revisions"
            },
            {
              "status": "affected",
              "version": "IL ETH BK DI8 DO4 2TX-PAC (2703981) all revisions"
            },
            {
              "status": "affected",
              "version": "IL EIP BK DI8 DO4 2TX-PAC (2897758) all revisions"
            },
            {
              "status": "affected",
              "version": "IL S3 BK DI8 DO4 2TX-PAC (2692380) all revisions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This vulnerability was discovered by Secuvera. PHOENIX CONTACT thanks CERT@VDE for the coordination and support with this publication."
        }
      ],
      "datePublic": "2021-06-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-25T18:26:04.000Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2021-021"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please refer to the advisory (https://cert.vde.com/en-us/advisories/vde-2021-021) for a list of updated firmware versions for remediation."
        }
      ],
      "source": {
        "advisory": "VDE-2021-021",
        "defect": [
          "VDE-2021-021"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Phoenix Contact: Undocumented FTP acces in certain AXL F BK and IL BK devices",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2021-06-23T10:00:00.000Z",
          "ID": "CVE-2021-33540",
          "STATE": "PUBLIC",
          "TITLE": "Phoenix Contact: Undocumented FTP acces in certain AXL F BK and IL BK devices"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "AXL F BK",
                      "version": {
                        "version_data": [
                          {
                            "platform": "HW \u003c 01",
                            "version_affected": "\u003c",
                            "version_name": "AXL F PN TPS XC (1068857)",
                            "version_value": "1.30"
                          },
                          {
                            "platform": "HW \u003c 02",
                            "version_affected": "\u003c",
                            "version_name": "AXL F PN TPS (2403869)",
                            "version_value": "1.30"
                          },
                          {
                            "platform": "HW \u003c 05",
                            "version_affected": "\u003c",
                            "version_name": "AXL F EIP (2688394)",
                            "version_value": "1.30"
                          },
                          {
                            "platform": "HW \u003c 01",
                            "version_affected": "\u003c",
                            "version_name": "AXL F EIP EF (2702782)",
                            "version_value": "1.30"
                          },
                          {
                            "platform": "HW \u003c 05",
                            "version_affected": "\u003c",
                            "version_name": "AXL F ETH (2688459)",
                            "version_value": "1.30"
                          },
                          {
                            "platform": "HW \u003c 05",
                            "version_affected": "\u003c",
                            "version_name": "AXL F ETH XC (2701949)",
                            "version_value": "1.30"
                          },
                          {
                            "platform": "HW \u003c 05",
                            "version_affected": "\u003c",
                            "version_name": "AXL F S3 (2701686)",
                            "version_value": "1.40"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "AXL F PN (2701815)",
                            "version_value": "all revisions"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "AXL F PN XC (2701222)",
                            "version_value": "all revisions"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "AXL F ETH NET2 (2702177)",
                            "version_value": "all revisions"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "AXL F SAS (2701457)",
                            "version_value": "all revisions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "IL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "IL PN BK-PAC (2403696)",
                            "version_value": "all revisions"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "IL PN BK DI8 DO4 2TX-PAC (2703994)",
                            "version_value": "all revisions"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "IL PN BK DI8 DO4 2SCRJ-PAC (2878379)",
                            "version_value": "all revisions"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "IL ETH BK DI8 DO4 2TX-XC-PAC (2701388)",
                            "version_value": "all revisions"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "IL ETH BK DI8 DO4 2TX-PAC (2703981)",
                            "version_value": "all revisions"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "IL EIP BK DI8 DO4 2TX-PAC (2897758)",
                            "version_value": "all revisions"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "IL S3 BK DI8 DO4 2TX-PAC (2692380)",
                            "version_value": "all revisions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Phoenix Contact"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This vulnerability was discovered by Secuvera. PHOENIX CONTACT thanks CERT@VDE for the coordination and support with this publication."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-798 Use of Hard-coded Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2021-021",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2021-021"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Please refer to the advisory (https://cert.vde.com/en-us/advisories/vde-2021-021) for a list of updated firmware versions for remediation."
          }
        ],
        "source": {
          "advisory": "VDE-2021-021",
          "defect": [
            "VDE-2021-021"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2021-33540",
    "datePublished": "2021-06-25T18:26:04.688Z",
    "dateReserved": "2021-05-24T00:00:00.000Z",
    "dateUpdated": "2024-09-17T03:18:18.324Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-33531 (GCVE-0-2021-33531)

Vulnerability from cvelistv5 – Published: 2021-06-25 18:25 – Updated: 2024-09-16 23:16
VLAI
Title
WEIDMUELLER: WLAN devices affected by Hard-coded Credentials vulnerability
Summary
In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can send diagnostic scripts while authenticated as a low privilege user to trigger this vulnerability.
CWE
  • CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
Vendor Product Version
Weidmüller IE-WL(T)-BL-AP-CL-XX Affected: IE-WL-BL-AP-CL-EU (2536600000) , ≤ V1.16.18 (Build 18081617) (custom)
Affected: IE-WLT-BL-AP-CL-EU (2536650000) , ≤ V1.16.18 (Build 18081617) (custom)
Affected: IE-WL-BL-AP-CL-US (2536660000) , ≤ V1.16.18 (Build 18081617) (custom)
Affected: IE-WLT-BL-AP-CL-US (2536670000) , ≤ V1.16.18 (Build 18081617) (custom)
Create a notification for this product.
Weidmüller IE-WL(T)-VL-AP-CL-XX Affected: IE-WL-VL-AP-BR-CL-EU (2536680000) , ≤ V1.11.10 (Build 18122616) (custom)
Affected: IE-WLT-VL-AP-BR-CL-EU (2536690000) , ≤ V1.11.10 (Build 18122616) (custom)
Affected: IE-WL-VL-AP-BR-CL-US (2536700000) , ≤ V1.11.10 (Build 18122616) (custom)
Affected: IE-WLT-VL-AP-BR-CL-US (2536710000) , ≤ V1.11.10 (Build 18122616) (custom)
Create a notification for this product.
Date Public
2021-06-23 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:50:42.986Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2021-026"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IE-WL(T)-BL-AP-CL-XX",
          "vendor": "Weidm\u00fcller",
          "versions": [
            {
              "lessThanOrEqual": "V1.16.18 (Build 18081617)",
              "status": "affected",
              "version": "IE-WL-BL-AP-CL-EU (2536600000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.16.18 (Build 18081617)",
              "status": "affected",
              "version": "IE-WLT-BL-AP-CL-EU (2536650000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.16.18 (Build 18081617)",
              "status": "affected",
              "version": "IE-WL-BL-AP-CL-US (2536660000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.16.18 (Build 18081617)",
              "status": "affected",
              "version": "IE-WLT-BL-AP-CL-US (2536670000)",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "IE-WL(T)-VL-AP-CL-XX",
          "vendor": "Weidm\u00fcller",
          "versions": [
            {
              "lessThanOrEqual": "V1.11.10 (Build 18122616)",
              "status": "affected",
              "version": "IE-WL-VL-AP-BR-CL-EU (2536680000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.11.10 (Build 18122616)",
              "status": "affected",
              "version": "IE-WLT-VL-AP-BR-CL-EU (2536690000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.11.10 (Build 18122616)",
              "status": "affected",
              "version": "IE-WL-VL-AP-BR-CL-US (2536700000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.11.10 (Build 18122616)",
              "status": "affected",
              "version": "IE-WLT-VL-AP-BR-CL-US (2536710000)",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-06-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can send diagnostic scripts while authenticated as a low privilege user to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-25T18:25:56.000Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2021-026"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "For IE-WL(T)-BL-AP-CL-XX versions V1.16.21 (Build 21010513) and greater are fixed.\nFor IE-WL(T)-VL-AP-CL-XX versions V1.11.13 (Build 21010513) and greater are fixed."
        }
      ],
      "source": {
        "advisory": "VDE-2021-026",
        "defect": [
          "VDE-2021-026"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "WEIDMUELLER: WLAN devices affected by Hard-coded Credentials vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2021-06-23T10:00:00.000Z",
          "ID": "CVE-2021-33531",
          "STATE": "PUBLIC",
          "TITLE": "WEIDMUELLER: WLAN devices affected by Hard-coded Credentials vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "IE-WL(T)-BL-AP-CL-XX",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WL-BL-AP-CL-EU (2536600000)",
                            "version_value": "V1.16.18 (Build 18081617)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WLT-BL-AP-CL-EU (2536650000)",
                            "version_value": "V1.16.18 (Build 18081617)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WL-BL-AP-CL-US (2536660000)",
                            "version_value": "V1.16.18 (Build 18081617)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WLT-BL-AP-CL-US (2536670000)",
                            "version_value": "V1.16.18 (Build 18081617)"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "IE-WL(T)-VL-AP-CL-XX",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WL-VL-AP-BR-CL-EU (2536680000)",
                            "version_value": "V1.11.10 (Build 18122616)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WLT-VL-AP-BR-CL-EU (2536690000)",
                            "version_value": "V1.11.10 (Build 18122616)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WL-VL-AP-BR-CL-US (2536700000)",
                            "version_value": "V1.11.10 (Build 18122616)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WLT-VL-AP-BR-CL-US (2536710000)",
                            "version_value": "V1.11.10 (Build 18122616)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Weidm\u00fcller"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can send diagnostic scripts while authenticated as a low privilege user to trigger this vulnerability."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-798 Use of Hard-coded Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2021-026",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2021-026"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "For IE-WL(T)-BL-AP-CL-XX versions V1.16.21 (Build 21010513) and greater are fixed.\nFor IE-WL(T)-VL-AP-CL-XX versions V1.11.13 (Build 21010513) and greater are fixed."
          }
        ],
        "source": {
          "advisory": "VDE-2021-026",
          "defect": [
            "VDE-2021-026"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2021-33531",
    "datePublished": "2021-06-25T18:25:56.622Z",
    "dateReserved": "2021-05-24T00:00:00.000Z",
    "dateUpdated": "2024-09-16T23:16:36.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design
  • For outbound authentication: store passwords, keys, and other credentials outside of the code in a strongly-protected, encrypted configuration file or database that is protected from access by all outsiders, including other local users on the same system. Properly protect the key (CWE-320). If you cannot use encryption to protect the file, then make sure that the permissions are as restrictive as possible [REF-7].
  • In Windows environments, the Encrypted File System (EFS) may provide some protection.
Mitigation
Architecture and Design

For inbound authentication: Rather than hard-code a default username and password, key, or other authentication credentials for first time logins, utilize a "first login" mode that requires the user to enter a unique strong password or key.

Mitigation
Architecture and Design

If the product must contain hard-coded credentials or they cannot be removed, perform access control checks and limit which entities can access the feature that requires the hard-coded credentials. For example, a feature might only be enabled through the system console instead of through a network connection.

Mitigation
Architecture and Design
  • For inbound authentication using passwords: apply strong one-way hashes to passwords and store those hashes in a configuration file or database with appropriate access control. That way, theft of the file/database still requires the attacker to try to crack the password. When handling an incoming password during authentication, take the hash of the password and compare it to the saved hash.
  • Use randomly assigned salts for each separate hash that is generated. This increases the amount of computation that an attacker needs to conduct a brute-force attack, possibly limiting the effectiveness of the rainbow table method.
Mitigation
Architecture and Design
  • For front-end to back-end connections: Three solutions are possible, although none are complete.
  • The first suggestion involves the use of generated passwords or keys that are changed automatically and must be entered at given time intervals by a system administrator. These passwords will be held in memory and only be valid for the time intervals.
  • Next, the passwords or keys should be limited at the back end to only performing actions valid for the front end, as opposed to having full access.
  • Finally, the messages sent should be tagged and checksummed with time sensitive values so as to prevent replay-style attacks.
CAPEC-191: Read Sensitive Constants Within an Executable

An adversary engages in activities to discover any sensitive constants present within the compiled code of an executable. These constants may include literal ASCII strings within the file itself, or possibly strings hard-coded into particular routines that can be revealed by code refactoring methods including static and dynamic analysis.

CAPEC-70: Try Common or Default Usernames and Passwords

An adversary may try certain common or default usernames and passwords to gain access into the system and perform unauthorized actions. An adversary may try an intelligent brute force using empty passwords, known vendor default credentials, as well as a dictionary of common usernames and passwords. Many vendor products come preconfigured with default (and thus well-known) usernames and passwords that should be deleted prior to usage in a production environment. It is a common mistake to forget to remove these default login credentials. Another problem is that users would pick very simple (common) passwords (e.g. "secret" or "password") that make it easier for the attacker to gain access to the system compared to using a brute force attack or even a dictionary attack using a full dictionary.