McAfee Cloud Single Sign On WebUI Default Credentials

high Nessus Plugin ID 73185

Language:

Synopsis

A web application on the remote host is protected using default credentials.

Description

The McAfee Cloud Single Sign On WebUI interface on the remote host has the 'admin' user account secured with the default password. A remote, unauthenticated attacker could exploit this to gain administrative access to the web interface.

Solution

Secure the 'admin' user account with a strong password.

Plugin Details

Severity: High

ID: 73185

File Name: mcafee_csso_webui_default_creds.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 3/25/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:mcafee:cloud_single_sign_on, cpe:/a:mcafee:cloud_identity_manager

Required KB Items: www/mcafee_csso

Excluded KB Items: global_settings/supplied_logins_only

Detections

Analytics