Detections
Analytics

AXIS Camera Unconfigured Password Detection

critical Nessus Plugin ID 123935

Language:

Synopsis

The remote device is displaying an initial password configuration dialog.

Description

The remote host seems to be an Axis Network Camera. Initial configuration of this device has not yet been performed, allowing anyone to set the administrator password.

Solution

Follow the vendor recommendation for performing the initial device configuration.

See Also

http://www.nessus.org/u?2ba3d005

Plugin Details

Severity: Critical

ID: 123935

File Name: axis_www_unconfigured_password_detect.nasl

Version: 1.5

Type: remote

Family: Misc.

Published: 4/9/2019

Updated: 1/22/2020

Asset Inventory: true

Hardware Inventory: true

OS Identification: true

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Tenable score for unconfigured credentials.

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: manual

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/h:axis:network_camera

Required KB Items: installed_sw/AXIS device