Skip to main content

Use of Hard-coded Credentials

CVE-2021-44464

Severity High
Score 8.8/10

Summary

Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • LOW
  • HIGH
  • HIGH

CWE-798 - Use of Hard-coded Credentials

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

References

Advisory Timeline

  • Published