1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Hard-coded Credentials Capability Group

Known Exploited Vulnerabilities Hard-coded Credentials Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2020-8657 EyesOfNetwork Use of Hard-Coded Credentials Vulnerability exploitation_technique T1106 Native API
Comments
CVE-2020-8657 identifies a security issue in EyesOfNetwork 5.3 that exposes a vulnerability in the API key implementation.
References
  1. https://www.clouddefense.ai/cve/2020/CVE-2020-8657
CVE-2022-26138 Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability exploitation_technique T1552.001 Credentials In Files
Comments
CVE-2022-26138 is a hard-coded credentials vulnerability in the "Questions for Confluence" app.
References
  1. https://x.com/cyb3rops/status/1550119301004201984
  2. https://securitytrails.com/blog/atlassian-confluence-vulnerability-remote-access-hard-coded-pass-cve-2022-26138

Capabilities

Capability ID Capability Name Number of Mappings
CVE-2020-8657 EyesOfNetwork Use of Hard-Coded Credentials Vulnerability 1
CVE-2022-26138 Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability 1