Synopsis
The administration console for the remote web server is protected with default credentials.
Description
The remote host is running Adobe Document Server, a server that dynamically creates and manipulates PDF documents as well as graphic images.
The installation of Adobe Document Server on the remote host uses the default username and password to control access to its administrative console. Knowing these, an attacker can gain control of the affected application.
Solution
Login via the administration interface and change the password for the admin account.
Plugin Details
File Name: adobe_document_server_default_creds.nasl
Supported Sensors: Nessus
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:adobe:document_server
Excluded KB Items: global_settings/supplied_logins_only