F5 Device Default Support Password

Nessus Plugin ID 10820 (Critical)

Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks.

VPR Score: 5.9

Synopsis

The remote service is protected with default administrative credentials.

Description

The remote F5 Networks device has the default password set for the 'support' user account. This account normally provides read/write access to the web configuration utility. An attacker could take advantage of this to reconfigure your systems and possibly gain shell access to the system with super-user privileges.

Solution

Remove the 'support' account entirely or change the password of this account to something that is difficult to guess.

Plugin Details

Severity: Critical

ID: 10820

File Name: DDI_F5_Default_Support.nasl

Version: 1.18

Type: remote

Family: Misc.

Published: 2001/12/06

Updated: 2020/06/12

Dependencies: 10107

Risk Information

Risk Factor: Critical

VPR Score: 5.9

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

Metasploit (SNMP Community Scanner)

Reference Information

CVE: CVE-1999-0508