IBM Network Security Protection XGS Default Credentials

critical Nessus Plugin ID 80334

Language:

Synopsis

The remote device is running a web application that uses a default set of credentials.

Description

Nessus was able to login to the remote IBM Network Security Protection XGS device using a known set of default credentials. This allows a remote attacker to gain administrative access to the device.

Solution

Change the password for the default 'admin account.

Plugin Details

Severity: Critical

ID: 80334

File Name: ibm_xgs_default_creds.nasl

Version: 1.3

Type: remote

Family: CGI abuses

Published: 1/2/2015

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:ibm:security_network_protection_firmware

Required KB Items: Host/IBM/XGS/version

Excluded KB Items: global_settings/supplied_logins_only

Detections

Analytics