NSClient Default Password

Medium Nessus Plugin ID 40330


The remote monitoring agent is configured with a default password.


The remote host is running an instance of NSClient, an addon for Nagios used to monitor Windows hosts, configured using a default password. Anyone can connect to it and retrieve sensitive information, such as process and service states, memory usage, etc.


Configure the remote instance of NSClient to use a different password.

Plugin Details

Severity: Medium

ID: 40330

File Name: nsclient_default_password.nasl

Version: $Revision: 1.7 $

Type: remote

Family: Misc.

Published: 2009/07/20

Modified: 2016/11/23

Dependencies: 17975

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:ND/RC:ND

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only