K2 KeyServer Default Credentials

high Nessus Plugin ID 27041

Synopsis

The remote service is protected with default credentials.

Description

The remote K2 KeyServer installation is configured to use default credentials to control access. Knowing these, an attacker can gain control of the affected application.

Solution

Change the password for the 'Administrator' account using KeyConfigure.

Plugin Details

Severity: High

ID: 27041

File Name: keyserver_default_creds.nasl

Version: Revision: 1.13

Type: remote

Family: Misc.

Published: 10/12/2007

Updated: 11/23/2016

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only