Palo Alto Networks PAN-OS Firewall/Panorama WebUI Default Credentials

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

A web application on the remote host is protected using default
credentials.

Description :

The Palo Alto Networks PAN-OS Firewall / Panorama WebUI interface on
the remote host has the 'admin' user account secured with the default
password. An unauthenticated, remote attacker can exploit this to gain
administrative access to the web interface.

See also :

http://www.nessus.org/u?428c8b63

Solution :

Secure the 'admin' user account with a strong password.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:TF/RC:ND)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 71496 ()

Bugtraq ID:

CVE ID: