CVE-2021-44207
Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
CVSS
—
No CVSS
EPSS
17.6%
p97
KEV
YES
Dec 23, 2024
Exploit Today
79
0-100
Published: — · Last modified: —
Product
Acclaim Systems / USAHERDS
Vulnerability
Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
Added to KEV
Dec 23, 2024
Remediate by
Jan 13, 2025
Known ransomware use
No
Summary description
Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Please contact the product developer for support and vulnerability mitigation.
Notes
https://www.acclaimsystems.com/#contact ; https://www.tnatc.org/#contact ; https://nvd.nist.gov/vuln/detail/CVE-2021-44207
No related CVEs by CWE or product.