CVE-2021-27437
N/A
N/A
Summary
The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM (versions prior to 9.0.1).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | WISE-PaaS/RMM | versions prior to 9.0.1 | affected |
Weaknesses
- CWE-798: USE OF HARD-CODED CREDENTIALS CWE-798
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.