Synopsis
The remote web service is protected with default credentials.
Description
The remote host is running HP OpenView Client Configuration Manager (OVCCM), a PC software configuration management application.
The remote installation of OVCCM is configured to use default credentials to control access. Knowing these, an attacker can gain control of the affected application.
Solution
Change the password for the 'admin' account by logging into OVCCM, navigating to 'Configuration / Console Access', and editing the 'admin' account.
Plugin Details
File Name: ovccm_default_creds.nasl
Supported Sensors: Nessus
Vulnerability Information
Excluded KB Items: global_settings/supplied_logins_only