CVE-2024-23685

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-798
View all →

Vulnerability Description

Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types.

Related Vulnerabilities

CVE-2013-1603

MEDIUM
CVSS:5.3(Medium)

An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-523...

CWE-7982013

CVE-2017-10616

MEDIUM
CVSS:5.3(Medium)

The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior t...

CWE-7982017

CVE-2017-12709

MEDIUM
CVSS:5.3(Medium)

A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, ...

CWE-7982017

CVE-2017-2720

MEDIUM
CVSS:5.3(Medium)

FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increas...

CWE-7982017

CVE-2018-0329

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote att...

CWE-7982018

CVE-2019-18831

MEDIUM
CVSS:5.3(Medium)

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.

CWE-7982019