F5 Networks BIG-IP Web Interface Default Credential Check

critical Nessus Plugin ID 76942

Synopsis

The remote host is running a web administration interface with known default credentials.

Description

Nessus was able to login to the administrative interface on the remote F5 Networks BIG-IP device using a known set of default credentials.

Solution

Change the password for the 'admin' account.

See Also

http://www.nessus.org/u?ec6a297f

Plugin Details

Severity: Critical

ID: 76942

File Name: bigip_web_interface_default_creds.nasl

Version: 1.4

Type: remote

Family: CGI abuses

Published: 7/31/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:f5:big-ip

Required KB Items: www/bigip

Excluded KB Items: global_settings/supplied_logins_only