DiskPulse Server Default Credentials

critical Nessus Plugin ID 51094

Synopsis

The remote service is protected using default credentials.

Description

It is possible to log into the DiskPulse server with the default username and password ('diskpulse'/'diskpulse').

This could allow an attacker to view and change the DiskPulse configuration and the server itself.

Solution

Change the default password on the DiskPulse server.

See Also

https://www.diskpulse.com/diskpulse_server.html

Plugin Details

Severity: Critical

ID: 51094

File Name: diskpulse_default_credentials.nasl

Version: 1.12

Type: remote

Agent: windows

Family: Windows

Published: 12/9/2010

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only