CVE-2021-31579 HIGH

CVE-2021-31579: Akkadian Provisioning Manager Engine (PME) Hard-Coded Credentials

Vendor Akkadian
Product Provisioning Manager Engine (PME)
Weakness CWE-798 · Hardcoded credentials
Published July 22, 2021
Last update August 3, 2024

CVSS base score

8.2/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

What the vulnerability does

01Description

Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).

Key dates

02Disclosure timeline

July 22, 2021 CVE published
August 3, 2024 Record updated