CVE-2026-50110

Severity CVSS v4.0:
CRITICAL
Type:
CWE-798 Use of Hard-coded Credentials
Publication date:
30/06/2026
Last modified:
30/06/2026

Description

Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services embedded within a configuration file. While the credentials are stored in an encoded format, the encoding can be reversed to plaintext. The exposed credentials span a broad range of internal services, including database accounts, licensing, replication services, and third-party integrations, meaning successful exploitation of this vulnerability could provide an attacker with unauthorized access to multiple interconnected systems.