How severe is CVE-2018-0222?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 10 out of 10.

What type of vulnerability is CVE-2018-0222?

This is classified as CWE-798, which is a common weakness in software security.

CVE-2018-0222

CRITICAL Year: 2018

CVSS v3 Score

10.0

Critical

CVSS v2 Score

10.0

Critical

Weakness Type

CWE-798

View all →

Vulnerability Description

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials. The vulnerability is due to the presence of undocumented, static user credentials for the default administrative account for the affected software. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands with root privileges. This vulnerability affects all releases of Cisco DNA Center Software prior to Release 1.1.3. Cisco Bug IDs: CSCvh98929.

CVE-2013-3542

CRITICAL

CVSS:10.0(Critical)

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded a...

CWE-7982013

CVE-2016-8717

CRITICAL

CVSS:10.0(Critical)

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (ro...

CWE-7982016

CVE-2018-5551

CRITICAL

CVSS:10.0(Critical)

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa.

CWE-7982018

CVE-2020-1614

CRITICAL

CVSS:10.0(Critical)

A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if the...

CWE-7982020

CVE-2020-4429

CRITICAL

CVSS:10.0(Critical)

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execu...

CWE-7982020

CVE-2020-6779

CRITICAL

CVSS:10.0(Critical)

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with...

CWE-7982020

CVE-2018-0222

Vulnerability Description

Related Vulnerabilities

CVE-2013-3542

CVE-2016-8717

CVE-2018-5551

CVE-2020-1614

CVE-2020-4429

CVE-2020-6779