Detections
Analytics

Web Common Credentials

critical Nessus Plugin ID 50504

Language:

Synopsis

It was possible to access protected web pages by using common credentials.

Description

Nessus was able to read protected web pages by using common login and password combinations.

Solution

Reconfigure the affected web pages to use a stronger password.

Plugin Details

Severity: Critical

ID: 50504

File Name: web_common_credentials.nasl

Version: 1.14

Type: remote

Family: CGI abuses

Published: 11/6/2010

Updated: 3/11/2021

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Common credentials

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: manual

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only