Detections
Analytics

Citrix NetScaler Web Management Interface Default Administrator Credentials

high Nessus Plugin ID 66394

Language:

Synopsis

A web application is protected using default administrative credentials.

Description

The remote Citrix NetScaler Web Management Interface uses a default password ('nsroot') for the administrator account ('nsroot').

With this information, an attacker can gain complete administrative access to the Citrix NetScaler appliance.

Solution

Reset the nsroot password.

See Also

http://www.nessus.org/u?74336bf9

Plugin Details

Severity: High

ID: 66394

File Name: netscaler_web_default_creds.nasl

Version: 1.5

Type: remote

Family: Web Servers

Published: 5/13/2013

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:citrix:netscaler

Required KB Items: www/netscaler

Excluded KB Items: global_settings/supplied_logins_only