Nortel Meridian Integrated RAN Default Admin Credentials

critical Nessus Plugin ID 72665

Synopsis

The remote system can be accessed with default credentials.

Description

The remote device is a Nortel Meridian Integrated RAN (MIRAN) that uses a set of known, default credentials ('admin' / 'admin000'). Knowing these, an attacker able to connect to the service can gain complete control of the device.

Nortel MIRAN is a system card that provides multi-tasking voice processing applications such as Recorded Announcement (RAN) and Music-On-Hold (MOH).

Solution

Log into the remote host and change the default login credentials.

Plugin Details

Severity: Critical

ID: 72665

File Name: nortel_miran_default_admin_credentials.nasl

Version: Revision: 1.6

Type: remote

Family: Misc.

Published: 2/24/2014

Updated: 5/30/2017

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only