3Com Web Management Interface Default Credentials

critical Nessus Plugin ID 73190

Synopsis

The remote web server can be accessed with a default set of credentials.

Description

The remote 3Com Web Management Interface that uses a set of known, default credentials. Knowing these, an attacker can gain control of the device.

Solution

Log into the server and change the passwords for any affected accounts.

Plugin Details

Severity: Critical

ID: 73190

File Name: 3com_switch_http_default_creds.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 3/25/2014

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:hp:3com_switch

Required KB Items: www/3com

Excluded KB Items: global_settings/supplied_logins_only