Detections
Analytics

IBM RSA Default Credentials

critical Nessus Plugin ID 50348

Language:

Synopsis

The remote service is protected with default credentials.

Description

The IBM Remote Supervisor Adapter is configured to use the default credentials to control access. Knowing these, an attacker can gain total control of the machine.

Solution

Edit the IBM RSA configuration and change the login credentials.

See Also

http://www.nessus.org/u?1d40069a

Plugin Details

Severity: Critical

ID: 50348

File Name: ibm_rsa_www_default_creds.nasl

Version: 1.12

Type: remote

Family: Web Servers

Published: 10/26/2010

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:ibm:remote_supervisor_adapter_ii_firmware

Required KB Items: www/IBM_RSA

Excluded KB Items: global_settings/supplied_logins_only