Common Weakness Enumeration

CWE-1392

Use of Default Credentials

The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

CVE-2026-58466 (GCVE-0-2026-58466)

Vulnerability from cvelistv5 – Published: 2026-07-02 19:56 – Updated: 2026-07-02 19:56 X_Open Source
VLAI
Title
AutoBangumi < 3.2.8 - Hard-coded Default Credentials via add_default_user()
Summary
AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to authenticate as the administrator by using the publicly known default credentials seeded at startup via add_default_user() in the database user module when the users table is empty. Attackers can submit the default credentials to the authentication login endpoint to gain full control of the application, including RSS feed configuration, downloader configuration, and all authenticated API endpoints.
CWE
Assigner
Impacted products
Vendor Product Version
EstrellaXD Auto_Bangumi Affected: 0 , < 3.2.8 (custom)
Create a notification for this product.
Date Public
2026-06-09 00:00
Credits
George Chen
Show details on NVD website

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Auto_Bangumi",
          "repo": "https://github.com/EstrellaXD/Auto_Bangumi",
          "vendor": "EstrellaXD",
          "versions": [
            {
              "lessThan": "3.2.8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:estrellaxd:auto_bangumi:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "3.2.8",
                  "vulnerable": true
                }
              ],
              "operator": "OR"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "George Chen"
        }
      ],
      "datePublic": "2026-06-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to authenticate as the administrator by using the publicly known default credentials seeded at startup via add_default_user() in the database user module when the users table is empty. Attackers can submit the default credentials to the authentication login endpoint to gain full control of the application, including RSS feed configuration, downloader configuration, and all authenticated API endpoints."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1392",
              "description": "Use of Default Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-02T19:56:47.347Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "Release Notes",
          "tags": [
            "release-notes"
          ],
          "url": "https://github.com/EstrellaXD/Auto_Bangumi/releases/tag/3.2.8"
        },
        {
          "name": "GitHub Issue",
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/EstrellaXD/Auto_Bangumi/issues/1041"
        },
        {
          "name": "Fix Commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/EstrellaXD/Auto_Bangumi/commit/487bdfec545e805ae416e6ddf28651bd274d6a73"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/autobangumi-hard-coded-default-credentials-via-add-default-user"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "title": "AutoBangumi \u003c 3.2.8 - Hard-coded Default Credentials via add_default_user()",
      "x_generator": {
        "engine": "vulncheck-endgame"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2026-58466",
    "datePublished": "2026-07-02T19:56:47.347Z",
    "dateReserved": "2026-06-30T20:20:33.790Z",
    "dateUpdated": "2026-07-02T19:56:47.347Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-7365 (GCVE-0-2026-7365)

Vulnerability from cvelistv5 – Published: 2026-05-27 13:55 – Updated: 2026-05-27 14:52
VLAI
Title
IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation
Summary
IBM Operations Analytics - Log Analysis  and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
ibm
References
URL Tags
https://www.ibm.com/support/pages/node/7272268 vendor-advisorypatch
Impacted products
Vendor Product Version
IBM Operations Analytics - Log Analysis Affected: 1.3.2.0
Affected: 1.3.3.0
Affected: 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3
Affected: 1.3.6.0, 1.3.6.1
Affected: 1.3.7.0, 1.3.7.1, 1.3.7.2
Affected: 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4
    cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.8.0:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-7365",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-27T14:51:48.386177Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-27T14:52:38.627Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.7.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.8.0:*:*:*:*:*:*:*"
          ],
          "product": "Operations Analytics - Log Analysis",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "1.3.2.0"
            },
            {
              "status": "affected",
              "version": "1.3.3.0"
            },
            {
              "status": "affected",
              "version": "1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3"
            },
            {
              "status": "affected",
              "version": "1.3.6.0, 1.3.6.1"
            },
            {
              "status": "affected",
              "version": "1.3.7.0, 1.3.7.1, 1.3.7.2"
            },
            {
              "status": "affected",
              "version": "1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIBM Operations Analytics - Log Analysis\u0026nbsp; and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.\u003c/p\u003e"
            }
          ],
          "value": "IBM Operations Analytics - Log Analysis\u00a0 and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1392",
              "description": "CWE-1392 Use of Default Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-27T13:55:22.608Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7272268"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003ctable\u003e\u003ccolgroup\u003e\u003ccol/\u003e\u003ccol/\u003e\u003c/colgroup\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePrincipal Product and Version(s)\u003c/td\u003e\u003ctd\u003eFix details\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4\u003c/td\u003e\u003ctd\u003eIBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to \u003ca href=\"https://www.ibm.com/support/pages/node/7182994\" rel=\"noopener noreferrer nofollow\"\u003eProvision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis\u003c/a\u003e for the instructions.\u003cbr/\u003e\u003cbr/\u003eFor Log Analysis before 1.3.7.0, \u003ca href=\"https://www.ibm.com/support/pages/node/1135125\" rel=\"noopener noreferrer nofollow\"\u003eupgrade\u003c/a\u003e to \u003ca href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Operations%20Analytics\u0026amp;product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis\u0026amp;release=1.3.6\u0026amp;platform=All\u0026amp;function=all\" rel=\"noopener noreferrer nofollow\"\u003e1.3.7-TIV-IOALA-FP_signed\u003c/a\u003e or later before applying this.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e"
            }
          ],
          "value": "Principal Product and Version(s)Fix detailsIBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4IBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to Provision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis for the instructions.For Log Analysis before 1.3.7.0, upgrade to 1.3.7-TIV-IOALA-FP_signed or later before applying this."
        }
      ],
      "title": "IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation",
      "x_generator": {
        "engine": "ibm-cvegen"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2026-7365",
    "datePublished": "2026-05-27T13:55:22.608Z",
    "dateReserved": "2026-04-28T20:46:39.086Z",
    "dateUpdated": "2026-05-27T14:52:38.627Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-7428 (GCVE-0-2026-7428)

Vulnerability from cvelistv5 – Published: 2026-05-12 09:16 – Updated: 2026-05-12 12:25 Exclusively Hosted Service
VLAI
Title
Insecure default administrative credentials in AlloyDB for PostgreSQL
Summary
Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required network access to the AlloyDB cluster and was limited to Terraform or the REST API, as other clients blocked it.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Google Cloud AlloyDB for PostgreSQL Affected: 0 , < 2025-11-03 (date)
Create a notification for this product.
Credits
Mark Lawrenson
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-7428",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-12T12:23:39.985567Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T12:25:06.189Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "AlloyDB for PostgreSQL",
          "vendor": "Google Cloud",
          "versions": [
            {
              "lessThan": "2025-11-03",
              "status": "affected",
              "version": "0",
              "versionType": "date"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Mark Lawrenson"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cspan\u003ePrior to 2025-11-03,\u0026nbsp;\u003c/span\u003ewell-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters\u0026nbsp;\u003cspan\u003ewith an insecure default password which could have been exploited by a\u0026nbsp;\u003c/span\u003eremote\u003cspan\u003e\u0026nbsp;attacker\u0026nbsp;\u003c/span\u003e\u003cspan\u003eto\u0026nbsp;gain full administrative access to the database.\u003c/span\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan\u003eExploitation required network access to the AlloyDB cluster and was limited to Terraform or the REST API, as other clients blocked it\u003c/span\u003e\u003cspan\u003e.\u003c/span\u003e"
            }
          ],
          "value": "Prior to 2025-11-03,\u00a0well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters\u00a0with an insecure default password which could have been exploited by a\u00a0remote\u00a0attacker\u00a0to\u00a0gain full administrative access to the database.\n\n\n\n\nExploitation required network access to the AlloyDB cluster and was limited to Terraform or the REST API, as other clients blocked it."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-70",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-70 Try Common or Default Usernames and Passwords"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1392",
              "description": "CWE-1392 Use of default credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-12T09:16:35.151Z",
        "orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
        "shortName": "GoogleCloud"
      },
      "references": [
        {
          "url": "https://docs.cloud.google.com/alloydb/docs/release-notes#April_28_2026"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis vulnerability was patched on November 3, 2025.\u003c/p\u003e\u003cp\u003eImpacted instances have been proactively remediated, and no customer action is needed.\u003c/p\u003e"
            }
          ],
          "value": "This vulnerability was patched on November 3, 2025.\n\n\n\nImpacted instances have been proactively remediated, and no customer action is needed."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "Insecure default administrative credentials in AlloyDB for PostgreSQL",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
    "assignerShortName": "GoogleCloud",
    "cveId": "CVE-2026-7428",
    "datePublished": "2026-05-12T09:16:35.151Z",
    "dateReserved": "2026-04-29T14:38:05.602Z",
    "dateUpdated": "2026-05-12T12:25:06.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-9844 (GCVE-0-2026-9844)

Vulnerability from cvelistv5 – Published: 2026-06-02 13:23 – Updated: 2026-06-02 15:09
VLAI
Title
Vulnerability in navify® Digital Pathology
Summary
Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Roche Diagnostics navify Digital Pathology Affected: 2.0.0 , ≤ 2.4.1 (semver)
Create a notification for this product.
Date Public
2026-05-29 15:52
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-9844",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-02T15:08:46.915716Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-02T15:09:09.840Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "RabbitMQ Management interface"
          ],
          "product": "navify Digital Pathology",
          "vendor": "Roche Diagnostics",
          "versions": [
            {
              "lessThanOrEqual": "2.4.1",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2026-05-29T15:52:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords.\u0026nbsp;\u003cspan\u003eThis issue affects navify Digital Pathology: from 2.0.0 before 2.4.1.\u003c/span\u003e"
            }
          ],
          "value": "Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords.\u00a0This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-70",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-70 Try Common or Default Usernames and Passwords"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "USER",
            "Safety": "NEGLIGIBLE",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "GREEN",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:L/SI:L/SA:L/S:N/AU:Y/R:U/V:D/RE:M/U:Green",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1392",
              "description": "CWE-1392 Use of default credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-02T13:23:45.761Z",
        "orgId": "5cdcf916-2b10-4ec8-bfc1-d054821e439e",
        "shortName": "Roche"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eChange the default password for the guest user from the factory settings to a secure, unique password.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003e\u003c/b\u003e"
            }
          ],
          "value": "Change the default password for the guest user from the factory settings to a secure, unique password."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Vulnerability in navify\u00ae Digital Pathology",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5cdcf916-2b10-4ec8-bfc1-d054821e439e",
    "assignerShortName": "Roche",
    "cveId": "CVE-2026-9844",
    "datePublished": "2026-06-02T13:23:45.761Z",
    "dateReserved": "2026-05-28T13:34:24.678Z",
    "dateUpdated": "2026-06-02T15:09:09.840Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}







Mitigation

Phase: Requirements

Description:

  • Prohibit use of default, hard-coded, or other values that do not vary for each installation of the product - especially for separate organizations.
Mitigation

Phase: Architecture and Design

Description:

  • Force the administrator to change the credential upon installation.
Mitigation

Phases: Installation, Operation

Description:

  • The product administrator could change the defaults upon installation or during operation.

No CAPEC attack patterns related to this CWE.

Back to CWE stats page