CVE-2015-466725.09.2017, 17:29Multiple hardcoded credentials in Xsuite 2.x.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST9.8 CRITICALNETWORKLOWNONECVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HmitreCNA------CVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 95%VendorProductVersionxceediumxsuite2.3.0xceediumxsuite2.4.3.0𝑥= Vulnerable software versionsKnown Exploits!http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txthttps://www.exploit-db.com/exploits/37708/http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txthttps://www.exploit-db.com/exploits/37708/Common Weakness EnumerationCWE-798 - Use of Hard-coded CredentialsThe software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.Referenceshttp://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txthttp://www.securityfocus.com/archive/1/536058/100/0/threadedhttps://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.htmlhttps://www.exploit-db.com/exploits/37708/http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txthttp://www.securityfocus.com/archive/1/536058/100/0/threadedhttps://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.htmlhttps://www.exploit-db.com/exploits/37708/