Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-50110

Gravedad CVSS v4.0:
CRÍTICA
Tipo:
CWE-798 Credenciales embebidas en el software
Fecha de publicación:
30/06/2026
Última modificación:
30/06/2026

Descripción

*** Pendiente de traducción *** Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services embedded within a configuration file. While the credentials are stored in an encoded format, the encoding can be reversed to plaintext. The exposed credentials span a broad range of internal services, including database accounts, licensing, replication services, and third-party integrations, meaning successful exploitation of this vulnerability could provide an attacker with unauthorized access to multiple interconnected systems.