CVE-2020-11543: 
NixOS vulnerability analysis and mitigation

OpsRamp Gateway before version 7.0.0 contained a critical security vulnerability involving a hardcoded backdoor account. The account 'vadmin' with password '9vt@f3Vt' allowed unauthorized root SSH access to the server. This vulnerability was discovered and disclosed in April 2020, affecting all versions of OpsRamp Gateway prior to version 7.0.0 (NVD).

The vulnerability (CVE-2020-11543) is classified as Use of Hard-coded Credentials (CWE-798). It received a CVSS v3.1 base score of 9.8 CRITICAL with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network accessibility, low attack complexity, and no required privileges or user interaction. The hardcoded credentials provided root-level SSH access to the server, representing the highest severity level for authentication bypass vulnerabilities (NVD).

The presence of hardcoded credentials with root SSH access represents a severe security risk, potentially allowing unauthorized users complete control over the affected systems. An attacker could gain full administrative access to the OpsRamp Gateway server, enabling them to execute arbitrary commands, access sensitive data, and potentially compromise the entire network infrastructure (NVD).

This vulnerability was resolved in OpsRamp Gateway firmware version 7.0.0, where the system was redesigned to only allow administrator and system user accounts for the gateway appliance. Organizations using affected versions should immediately upgrade to version 7.0.0 or later to address this security issue (NVD).