F5 Device Default Support Password

critical Nessus Plugin ID 10820

Synopsis

The remote service is protected with default administrative credentials.

Description

The remote F5 Networks device has the default password set for the 'support' user account. This account normally provides read/write access to the web configuration utility. An attacker could take advantage of this to reconfigure your systems and possibly gain shell access to the system with super-user privileges.

Solution

Remove the 'support' account entirely or change the password of this account to something that is difficult to guess.

Plugin Details

Severity: Critical

ID: 10820

File Name: DDI_F5_Default_Support.nasl

Version: 1.18

Type: remote

Family: Misc.

Published: 12/6/2001

Updated: 6/12/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

Metasploit (SNMP Community Scanner)

Reference Information

CVE: CVE-1999-0508