Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2024-29844

Use of Default Credentials

Published: Apr 15, 2024 | Modified: Dec 10, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
Vulnerability-free packages from our partners
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2024-29844
CWEhttps://cwe.mitre.org/data/definitions/1392.html

Default credentials on the Web Interface of Evolution Controller 2.x allows anyone to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the password. There is no warning or prompt to ask the user to change the default password.

Weakness

The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

Affected Software

Name Vendor Start Version End Version
Evolution Cs-technologies * 2.04.560 (including)

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use