How severe is CVE-2020-1614?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 10 out of 10.

What type of vulnerability is CVE-2020-1614?

This is classified as CWE-798, which is a common weakness in software security.

CVE-2020-1614

CRITICAL Year: 2020

CVSS v3 Score

10.0

Critical

CVSS v2 Score

9.3

Critical

Weakness Type

CWE-798

View all →

Vulnerability Description

A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the VNF, either locally, or through the network. This issue only affects the NFX250 Series vSRX VNF. No other products or platforms are affected. This issue is only applicable to environments where the vSRX VNF root password has not been configured. This issue affects the Juniper Networks NFX250 Network Services Platform vSRX VNF instance on versions prior to 19.2R1.

CVE-2013-3542

CRITICAL

CVSS:10.0(Critical)

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded a...

CWE-7982013

CVE-2016-8717

CRITICAL

CVSS:10.0(Critical)

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (ro...

CWE-7982016

CVE-2018-0222

CRITICAL

CVSS:10.0(Critical)

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, ...

CWE-7982018

CVE-2018-5551

CRITICAL

CVSS:10.0(Critical)

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa.

CWE-7982018

CVE-2020-4429

CRITICAL

CVSS:10.0(Critical)

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execu...

CWE-7982020

CVE-2020-6779

CRITICAL

CVSS:10.0(Critical)

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with...

CWE-7982020

CVE-2020-1614

Vulnerability Description

Related Vulnerabilities

CVE-2013-3542

CVE-2016-8717

CVE-2018-0222

CVE-2018-5551

CVE-2020-4429

CVE-2020-6779