Palo Alto Networks PAN-OS Firewall/Panorama WebUI Default Credentials

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

A web application on the remote host is protected using default
credentials.

Description :

The Palo Alto Networks PAN-OS Firewall / Panorama WebUI interface on
the remote host has the 'admin' user account secured with the default
password. A remote, unauthenticated attacker could exploit this to gain
administrative access to the web interface.

See also :

https://live.paloaltonetworks.com/docs/DOC-1126

Solution :

Secure the 'admin' user account with a strong password.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.5
(CVSS2#E:H/RL:ND/RC:ND)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 71496 ()

Bugtraq ID:

CVE ID: