Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable.ot Families
About Plugin Families
Nessus Release Notes
Audits
Tenable.cs Policies
Tenable.ad Indicators
Attack Path Techniques

VNC Server 'password' Password

critical Nessus Plugin ID 61708

Language:

Synopsis

A VNC server running on the remote host is secured with a weak password.

Description

The VNC server running on the remote host is secured with a weak password. Nessus was able to login using VNC authentication and a password of 'password'. A remote, unauthenticated attacker could exploit this to take control of the system.

Solution

Secure the VNC service with a strong password.

Plugin Details

Severity: Critical

ID: 61708

File Name: vnc_password_password.nasl

Version: Revision: 1.2

Type: remote

Family: Gain a shell remotely

Published: 8/29/2012

Updated: 9/24/2015

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C