CVE-2026-50110
CriticalCVSS 9.2Exploitation Probability (EPSS)
Low risk3th percentile — higher than 3% of all known CVEs
Summary
Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services stored in a configuration file. Although the credentials are encoded, the encoding can be reversed to plaintext.
Risk Assessment
Exposure of these credentials could allow an attacker unauthorized access to databases, licensing, replication services, and third-party integrations, posing a risk of compromising multiple interconnected systems.
Recommendation
Immediately change all hardcoded credentials to unique, strong passwords and remove them from configuration files, implementing secure secrets management.
Original NVD description (English source)
Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services embedded within a configuration file. While the credentials are stored in an encoded format, the encoding can be reversed to plaintext. The exposed credentials span a broad range of internal services, including database accounts, licensing, replication services, and third-party integrations, meaning successful exploitation of this vulnerability could provide an attacker with unauthorized access to multiple interconnected systems.

