CWE-255
124 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-255page 2 of 3
- CVE-2016-6547HIGHCVSS 7.8EG 7.82018-07-13
The Zizai Tech Nut mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file.
- CVE-2016-6551CRITICALCVSS 9.8EG 9.82018-07-13
Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses non-random default credentials of: ftp/ftp or intellian:12345678. A remote network attacker can gain elevated access to a vulnerable device.
- CVE-2016-6552CRITICALCVSS 9.8EG 9.82018-07-13
Green Packet DX-350 uses non-random default credentials of: root:wimax. A remote network attacker can gain privileged access to a vulnerable device.
- CVE-2016-6553CRITICALCVSS 9.8EG 9.82018-07-13
Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses non-random default credentials of: admin:admin and localdisplay:111111. A remote network attacker can gain privileged access to a vulnerable device.
- CVE-2016-6554CRITICALCVSS 9.8EG 9.82018-07-13
Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privilege…
- CVE-2016-6599CRITICALCVSS 9.8EG 9.82018-01-30
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the appli…
- CVE-2016-7043MEDIUMCVSS 5.9EG 5.92019-05-15
It has been reported that KIE server and Busitess Central before version 7.21.0.Final contain username and password as plaintext Java properties. Any app deployed on the same server would have access to these properties, thus granting acce…
- CVE-2016-8366HIGHCVSS 7.3EG 7.32018-04-05
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and tra…
- CVE-2016-8616LOWCVSS 3.7EG 5.92018-08-01
A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials…
- CVE-2016-9489HIGHCVSS 8.8EG 8.82018-07-13
In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is als…
- CVE-2016-9593MEDIUMCVSS 4.7EG 8.82018-04-16
foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems.
- CVE-2017-10718MEDIUMCVSS 6.5EG 6.52019-06-17
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that any malicious user connecting to the device can change the default SSID and password thereby denying the owner an acc…
- CVE-2017-13717HIGHCVSS 8.8EG 8.82019-06-10
Starry Station (aka Starry Router) sets the Access-Control-Allow-Origin header to "*". This allows any hosted file on any domain to make calls to the device's webserver and brute force the credentials and pull any information that is store…
- CVE-2017-17836CRITICALCVSS 9.8EG 9.82019-01-23
In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to databases used by Airflow. An attacker who has limited access to airflow, whether it be via XSS or by leaving a m…
- CVE-2017-18470HIGHCVSS 8.8EG 8.82019-08-05
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196).
- CVE-2017-6047CRITICALCVSS 9.8EG 9.82019-04-02
Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication.
- CVE-2017-6900CRITICALCVSS 9.8EG 9.82019-07-03
An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to preve…
- CVE-2017-8229CRITICALCVSS 9.8EG 9.82019-07-03
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a _user-x.squas…
- CVE-2017-8417HIGHCVSS 8.8EG 8.82019-07-02
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device requires that a user logging into the device provide a username and password. However, the device allows D-Link apps on the mobile devices and desktop to communica…
- CVE-2017-9326HIGHCVSS 7.5EG 7.52019-07-03
The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. The keystore file itself is not exposed.
- CVE-2017-9385CRITICALCVSS 9.8EG 9.82019-06-17
An issue was discovered on Vera Veralite 1.7.481 devices. The device has an additional OpenWRT interface in addition to the standard web interface which allows the highest privileges a user can obtain on the device. This web interface uses…
- CVE-2018-0226HIGHCVSS 7.5EG 7.52018-05-02
A vulnerability in the assignment and management of default user accounts for Secure Shell (SSH) access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticate…
- CVE-2018-0318CRITICALCVSS 9.8EG 9.82018-06-07
A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient vali…
- CVE-2018-0319CRITICALCVSS 9.8EG 9.82018-06-07
A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient v…
- CVE-2018-15389CRITICALCVSS 9.8EG 9.82018-10-05
A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are us…
- CVE-2018-15719CRITICALCVSS 9.8EG 9.82018-12-12
Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root" with a blank password. This allows anyone on the network with access to the server to access all database information.
- CVE-2018-6443HIGHCVSS 8.1EG 8.12019-01-22
A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install addi…
- CVE-2018-7788MEDIUMCVSS 6.5EG 6.52019-05-22
A CWE-255 Credentials Management vulnerability exists in Modicon Quantum with firmware versions prior to V2.40. which could cause a Denial Of Service when using a Telnet connection.
- CVE-2018-7820CRITICALCVSS 9.8EG 9.82019-09-17
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.
- CVE-2019-13560CRITICALCVSS 9.8EG 9.82019-07-11
D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter.
- CVE-2019-1654HIGHCVSS 7.8EG 7.82019-04-17
A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without …
- CVE-2019-1714HIGHCVSS 8.6EG 8.62019-05-03
A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Fire…
- CVE-2019-1950HIGHCVSS 8.4EG 8.42020-02-19
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. The vulnerability is due to the existence of default credentials within the default configura…
- CVE-2019-4381MEDIUMCVSS 5.5EG 5.52019-06-14
IBM i 7.27.3 Clustering could allow a local attacker to obtain sensitive information, caused by the use of advanced node failure detection using the REST API to interface with the HMC. An attacker could exploit this vulnerability to obtain…
- CVE-2019-5456HIGHCVSS 8.1EG 8.12019-07-30
SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.
- CVE-2019-7488CRITICALCVSS 9.8EG 9.82019-12-23
Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.
- CVE-2019-7690CRITICALCVSS 9.8EG 9.82019-05-13
In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from the remote SSH server. This affects Pas…
- CVE-2020-10287CRITICALCVSS 9.8EG 9.82020-07-15
The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we foun…
- CVE-2020-1978MEDIUMCVSS 5.8EG 5.82020-04-08
TechSupport files generated on Palo Alto Networks VM Series firewalls for Microsoft Azure platform configured with high availability (HA) inadvertently collect Azure dashboard service account credentials. These credentials are equivalent t…
- CVE-2020-24680HIGHCVSS 7.0EG 7.02020-12-22
In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.
- CVE-2020-3140CRITICALCVSS 9.8EG 9.82020-07-16
A vulnerability in the web management interface of Cisco Prime License Manager (PLM) Software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient valid…
- CVE-2020-8968HIGHCVSS 7.1EG 7.12021-12-17
Parallels Remote Application Server (RAS) allows a local attacker to retrieve certain profile password in clear text format by uploading a previously stored cyphered file by Parallels RAS. The confidentiality, availability and integrity of…
- CVE-2021-1522MEDIUMCVSS 4.3EG 4.32021-08-04
A vulnerability in the change password API of Cisco Connected Mobile Experiences (CMX) could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements th…
- CVE-2021-21505HIGHCVSS 8.0EG 9.82021-05-06
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default credentials, could potentially exploit th…
- CVE-2021-21522HIGHCVSS 8.2EG 4.42021-09-28
Dell BIOS contains a Credentials Management issue. A local authenticated malicious user may potentially exploit this vulnerability to gain access to sensitive information on an NVMe storage by resetting the BIOS password on the system via …
- CVE-2021-22568HIGHCVSS 8.8EG 8.82021-12-09
When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on pub.dev. Using these obtained credentials, an atta…
- CVE-2021-28498HIGHCVSS 8.7EG 7.82021-09-09
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user enable passwords set in clear text could result in unprivileged users getting complete access to the systems. This issue affects: Arista…
- CVE-2021-28499MEDIUMCVSS 6.3EG 5.52021-09-09
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0…
- CVE-2021-28508MEDIUMCVSS 6.8EG 6.12022-05-26
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAtt…
- CVE-2021-28509MEDIUMCVSS 6.1EG 6.12022-05-26
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAtt…
Map vulnerabilities like CWE-255 to your infrastructure
EchelonGraph correlates every CVE — across CWE-255 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →