Detections
Analytics

Quantum vmPRO Default Credentials Check

critical Nessus Plugin ID 73159

Language:

Synopsis

The remote host is running a web application that uses a default set of credentials.

Description

Nessus was able to login to the remote web administration interface of the Quantum vmPRO appliance using a known set of default credentials. A remote attacker using these credentials would have complete control of the appliance.

Solution

Change the password for the default sysadmin account.

See Also

http://www.nessus.org/u?59e03804

Plugin Details

Severity: Critical

ID: 73159

File Name: quantum_vmpro_default_creds.nasl

Version: 1.3

Type: remote

Family: CGI abuses

Published: 3/24/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: x-cpe:/a:quantum:vmpro

Required KB Items: www/quantum_vmpro

Excluded KB Items: global_settings/supplied_logins_only