IBM Tivoli Management Framework Endpoint addr URL Default Credentials
Severity: High
Nessus Plugin ID: 54987

Synopsis
It is possible to authenticate to the remote server using the default credentials.

Description
The remote Tivoli Endpoint installation is secured by default credentials. Nessus is able to make authenticated requests to '/addr' by using the username 'tivoli' and password 'boss', which are hard-coded in the server executable.
A remote, unauthenticated attacker could change the endpoint's configuration or disable the web interface by using these default credentials.

Solution
Disable the ability to change endpoint configuration from the browser using the 'http_disable' configuration setting. Refer to the IBM documentation for more information.