CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5230

The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted with a static password of 'r@p1d7k3y5t0r3' which is not modifiable by the user. The keystore provides storage for saved scan credentials in an otherwise secure location on disk.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.5%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

Products affected by CVE-2017-5230

Rapid7 » Nexpose » Version: N/A

cpe:2.3:a:rapid7:nexpose:-
Rapid7 » Nexpose » Version: 5.4

cpe:2.3:a:rapid7:nexpose:5.4
Rapid7 » Nexpose » Version: 5.4.1

cpe:2.3:a:rapid7:nexpose:5.4.1
Rapid7 » Nexpose » Version: 5.4.10

cpe:2.3:a:rapid7:nexpose:5.4.10
Rapid7 » Nexpose » Version: 5.4.11

cpe:2.3:a:rapid7:nexpose:5.4.11
Rapid7 » Nexpose » Version: 5.4.12

cpe:2.3:a:rapid7:nexpose:5.4.12
Rapid7 » Nexpose » Version: 5.4.2

cpe:2.3:a:rapid7:nexpose:5.4.2
Rapid7 » Nexpose » Version: 5.4.3

cpe:2.3:a:rapid7:nexpose:5.4.3
Rapid7 » Nexpose » Version: 5.4.4

cpe:2.3:a:rapid7:nexpose:5.4.4
Rapid7 » Nexpose » Version: 5.4.5

cpe:2.3:a:rapid7:nexpose:5.4.5
Rapid7 » Nexpose » Version: 5.4.6

cpe:2.3:a:rapid7:nexpose:5.4.6
Rapid7 » Nexpose » Version: 5.4.7

cpe:2.3:a:rapid7:nexpose:5.4.7
Rapid7 » Nexpose » Version: 5.4.8

cpe:2.3:a:rapid7:nexpose:5.4.8
Rapid7 » Nexpose » Version: 5.4.9

cpe:2.3:a:rapid7:nexpose:5.4.9
Rapid7 » Nexpose » Version: 5.5.1

cpe:2.3:a:rapid7:nexpose:5.5.1
Rapid7 » Nexpose » Version: 5.5.3

cpe:2.3:a:rapid7:nexpose:5.5.3
Rapid7 » Nexpose » Version: 5.5.4

cpe:2.3:a:rapid7:nexpose:5.5.4
Rapid7 » Nexpose » Version: 5.5.5

cpe:2.3:a:rapid7:nexpose:5.5.5
Rapid7 » Nexpose » Version: 5.5.6

cpe:2.3:a:rapid7:nexpose:5.5.6
Rapid7 » Nexpose » Version: 5.5.7

cpe:2.3:a:rapid7:nexpose:5.5.7
Rapid7 » Nexpose » Version: 5.5.8

cpe:2.3:a:rapid7:nexpose:5.5.8
Rapid7 » Nexpose » Version: 6.3.10

cpe:2.3:a:rapid7:nexpose:6.3.10
Rapid7 » Nexpose » Version: 6.3.11

cpe:2.3:a:rapid7:nexpose:6.3.11
Rapid7 » Nexpose » Version: 6.3.12

cpe:2.3:a:rapid7:nexpose:6.3.12
Rapid7 » Nexpose » Version: 6.3.13

cpe:2.3:a:rapid7:nexpose:6.3.13
Rapid7 » Nexpose » Version: 6.3.14

cpe:2.3:a:rapid7:nexpose:6.3.14
Rapid7 » Nexpose » Version: 6.3.15

cpe:2.3:a:rapid7:nexpose:6.3.15
Rapid7 » Nexpose » Version: 6.4.0

cpe:2.3:a:rapid7:nexpose:6.4.0
Rapid7 » Nexpose » Version: 6.4.1

cpe:2.3:a:rapid7:nexpose:6.4.1
Rapid7 » Nexpose » Version: 6.4.10

cpe:2.3:a:rapid7:nexpose:6.4.10
Rapid7 » Nexpose » Version: 6.4.11

cpe:2.3:a:rapid7:nexpose:6.4.11
Rapid7 » Nexpose » Version: 6.4.12

cpe:2.3:a:rapid7:nexpose:6.4.12
Rapid7 » Nexpose » Version: 6.4.13

cpe:2.3:a:rapid7:nexpose:6.4.13
Rapid7 » Nexpose » Version: 6.4.14

cpe:2.3:a:rapid7:nexpose:6.4.14
Rapid7 » Nexpose » Version: 6.4.15

cpe:2.3:a:rapid7:nexpose:6.4.15
Rapid7 » Nexpose » Version: 6.4.16

cpe:2.3:a:rapid7:nexpose:6.4.16
Rapid7 » Nexpose » Version: 6.4.17

cpe:2.3:a:rapid7:nexpose:6.4.17
Rapid7 » Nexpose » Version: 6.4.18

cpe:2.3:a:rapid7:nexpose:6.4.18
Rapid7 » Nexpose » Version: 6.4.19

cpe:2.3:a:rapid7:nexpose:6.4.19
Rapid7 » Nexpose » Version: 6.4.2

cpe:2.3:a:rapid7:nexpose:6.4.2
Rapid7 » Nexpose » Version: 6.4.20

cpe:2.3:a:rapid7:nexpose:6.4.20
Rapid7 » Nexpose » Version: 6.4.21

cpe:2.3:a:rapid7:nexpose:6.4.21
Rapid7 » Nexpose » Version: 6.4.22

cpe:2.3:a:rapid7:nexpose:6.4.22
Rapid7 » Nexpose » Version: 6.4.23

cpe:2.3:a:rapid7:nexpose:6.4.23
Rapid7 » Nexpose » Version: 6.4.3

cpe:2.3:a:rapid7:nexpose:6.4.3
Rapid7 » Nexpose » Version: 6.4.4

cpe:2.3:a:rapid7:nexpose:6.4.4
Rapid7 » Nexpose » Version: 6.4.5

cpe:2.3:a:rapid7:nexpose:6.4.5
Rapid7 » Nexpose » Version: 6.4.6

cpe:2.3:a:rapid7:nexpose:6.4.6
Rapid7 » Nexpose » Version: 6.4.7

cpe:2.3:a:rapid7:nexpose:6.4.7
Rapid7 » Nexpose » Version: 6.4.8

cpe:2.3:a:rapid7:nexpose:6.4.8
Rapid7 » Nexpose » Version: 6.4.9

cpe:2.3:a:rapid7:nexpose:6.4.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5230

Products

Pricing

Contact Us