Scrutinizer Default Credentials Check

high Nessus Plugin ID 61597

Language:

Synopsis

The remote host is running a web application with default credentials.

Description

The Scrutinizer install on the remote host is using default credentials for the 'admin' user. Using these credentials, it is possible to login and gain access to the back end administrative interface.

Solution

Change passwords for default accounts.

Plugin Details

Severity: High

ID: 61597

File Name: scrutinizer_default_creds.nasl

Version: 1.7

Type: remote

Family: CGI abuses

Published: 8/20/2012

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:dell:sonicwall_scrutinizer

Required KB Items: www/scrutinizer_netflow_sflow_analyzer

Excluded KB Items: global_settings/supplied_logins_only

Detections

Analytics