Detections
Analytics

SolarWinds Log and Event Manager Default Credentials

critical Nessus Plugin ID 78916

Language:

Synopsis

The remote web server hosts a web application protected with default credentials.

Description

The remote SolarWinds Log and Event Manager install, a security information and event management (SIEM) solution, is protected with a set of known default credentials that allow administrator level access to the appliance.

Solution

Change the password for the 'admin' user.

See Also

http://www.nessus.org/u?e583e3fd

Plugin Details

Severity: Critical

ID: 78916

File Name: solarwinds_lem_default_creds.nasl

Version: 1.4

Type: remote

Family: CGI abuses

Published: 11/7/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:solarwinds:log_and_event_manager

Required KB Items: installed_sw/SolarWinds Log and Event Manager

Excluded KB Items: global_settings/supplied_logins_only