Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-4106 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| A vulnerability has been found in FAST/TOOLS and CI Server. The affected products have built-in accounts with no passwords set. Therefore, if the product is operated without a password set by default, an attacker can break into the affected product. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04 CI Server R1.01.00 to R1.03.00 | |||||
| CVE-2024-35137 | 1 Ibm | 1 Security Access Manager | 2024-11-21 | N/A | 6.2 MEDIUM |
| IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 292413. | |||||
| CVE-2024-28744 | 2024-11-21 | N/A | 8.8 HIGH | ||
| The password is empty in the initial configuration of ACERA 9010-08 firmware v02.04 and earlier, and ACERA 9010-24 firmware v02.04 and earlier. An unauthenticated attacker may log in to the product with no password, and obtain and/or alter information such as network configuration and user information. The products are affected only when running in non MS mode with the initial configuration. | |||||
| CVE-2023-39439 | 1 Sap | 2 Commerce Cloud, Commerce Hycom | 2024-11-21 | N/A | 8.8 HIGH |
| SAP Commerce Cloud may accept an empty passphrase for user ID and passphrase authentication, allowing users to log into the system without a passphrase. | |||||