CVE-2021-44207 - Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
Project:Acclaim Systems
Product:USAHERDS
Date Added:2024-12-23Due Date:2025-01-13
Vulnerability Name
Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
Description
Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Please contact the product developer for support and vulnerability mitigation.
Additional Notes
https://www.acclaimsystems.com/#contact
https://www.tnatc.org/#contact
https://nvd.nist.gov/vuln/detail/CVE-2021-44207
Related News Articles
CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active ExploitationDecember 24, 2024
