CVE-2019-15015

Published: Oct 9, 2019Modified: Nov 21, 2024

8.4

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.5 / Impact: 5.9

Source: NVD

Description

In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials for root and inspector user accounts are present in the system software, which can result in unauthorized users gaining access to the system.

Affected (1)

Products: Zingbox: Inspector

Zingbox

1 product

Inspector

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Zingbox Inspector	Up to 1.294

Related CWEs

CWE-798

Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

References (2)

https://security.paloaltonetworks.com/CVE-2019-15015

Source: psirt@paloaltonetworks.com

Third Party Advisory

https://security.paloaltonetworks.com/CVE-2019-15015

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.