IBM RSA Default Credentials

Critical Nessus Plugin ID 50348


The remote service is protected with default credentials.


The IBM Remote Supervisor Adapter is configured to use the default credentials to control access. Knowing these, an attacker can gain total control of the machine.


Edit the IBM RSA configuration and change the login credentials.

See Also

Plugin Details

Severity: Critical

ID: 50348

File Name: ibm_rsa_www_default_creds.nasl

Version: $Revision: 1.11 $

Type: remote

Family: Web Servers

Published: 2010/10/26

Modified: 2016/11/23

Dependencies: 45356

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:ND/RC:ND

Vulnerability Information

CPE: cpe:/a:ibm:remote_supervisor_adapter_ii_firmware

Required KB Items: www/IBM_RSA

Excluded KB Items: global_settings/supplied_logins_only