Main Vulnerability Database Exploits ID:1422 - Exploit for Use of hard-coded credentials in Privileged Access Manager - CVE-2015-4667

ID:1422 - Exploit for Use of hard-coded credentials in Privileged Access Manager - CVE-2015-4667

Published: March 18, 2020

Vulnerability identifier: #VU13354

Vulnerability risk: Low

CVE-ID: CVE-2015-4667

CWE-ID: CWE-798

Exploitation vector: Remote access

Vulnerable software:
Privileged Access Manager

Link to public exploit:

https://www.exploit-db.com/exploits/37708/

Vulnerability description

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The weakness exists due to use of hard-coded credentials in multiple scripts. A remote attacker can gain elevated privileges and conduct a variety of attacks.

Remediation

Update to version 3.0.0 or later.

ID:1422 - Exploit for Use of hard-coded credentials in Privileged Access Manager - CVE-2015-4667

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human