|
Family: General --> Category: infos
Brightmail Control Center Default Account/Password Vulnerability Scan
Vulnerability Scan Summary Checks for default account / password in Brightmail Control Center
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote server uses known authentication credentials.
Description :
The remote host is running Symantec's Brightmail Control Center, a
web-based administration tool for Brightmail AntiSpam.
The installation of Brightmail Control Center on the remote host still
has an account 'admin' with the default password 'symantec'. An
attacker can exploit this issue to gain access of the Control Center
and any scanners it controls.
Solution :
Log in to the Brightmail Control Center and change the password for
the 'admin' user.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|