StarWind Control Port Default Credentials

high Nessus Plugin ID 29701

Language:

Synopsis

The remote service is protected with default credentials.

Description

The remote StarWind control port is configured to use the default credentials to control access. Knowing these, an attacker can gain administrative control of the affected application.

Solution

Edit the StarWind configuration file and change the login credentials in the authentication section. Then, restart the service to put the changes into effect.

Plugin Details

Severity: High

ID: 29701

File Name: starwind_default_creds.nasl

Version: Revision: 1.11

Type: remote

Family: Misc.

Published: 12/17/2007

Updated: 12/14/2016

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Detections

Analytics