How to Buy
This script is Copyright (C) 2003-2016 Digital Defense Inc.
The remote host has an application that can be accessed with
This host appears to be the running the Apache Tomcat
Servlet engine with the default accounts still configured.
A potential intruder could reconfigure this service in a way
that grants system access.
Change the default passwords by editing the admin-users.xml file
located in the /conf/users subdirectory of the Tomcat installation.
Risk factor :
High / CVSS Base Score : 7.5
Family: Web Servers
Nessus Plugin ID: 11204 (DDI_tomcat_default_accounts.nasl)
CVE ID: CVE-1999-0508
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.