Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cloudcnm_secumanager
(Zyxel)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 35 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-06-29 | CVE-2020-15320 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account. | Cloudcnm_secumanager | 9.8 | ||
| 2020-06-29 | CVE-2020-15321 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account. | Cloudcnm_secumanager | 9.8 | ||
| 2020-06-29 | CVE-2020-15322 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account. | Cloudcnm_secumanager | 9.8 | ||
| 2020-06-29 | CVE-2020-15323 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials. | Cloudcnm_secumanager | 9.8 | ||
| 2022-09-29 | CVE-2020-15325 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication. | Cloudcnm_secumanager | 5.3 | ||
| 2022-09-29 | CVE-2020-15326 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. | Cloudcnm_secumanager | 5.3 | ||
| 2022-09-29 | CVE-2020-15327 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication. | Cloudcnm_secumanager | 7.5 | ||
| 2022-09-29 | CVE-2020-15328 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions. | Cloudcnm_secumanager | 5.3 | ||
| 2022-09-29 | CVE-2020-15329 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions. | Cloudcnm_secumanager | 5.3 | ||
| 2022-09-29 | CVE-2020-15330 | Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APP_KEY in /opt/axess/etc/default/axess. | Cloudcnm_secumanager | 5.3 |