Apache Axis2 Default Credentials

critical Nessus Plugin ID 46740

Synopsis

The remote web server hosts a web application that uses default credentials.

Description

The installation of Apache Axis2 hosted on the remote web server uses a default set of credentials to control access to its administrative console. A remote attacker can exploit this to gain administrative control.

Solution

Login via the administrative interface and change the password for the 'admin' account.

See Also

https://www.securityfocus.com/archive/1/514284/30/0/threaded

https://seclists.org/bugtraq/2010/Oct/100

https://www.securityfocus.com/archive/1/516029

Plugin Details

Severity: Critical

ID: 46740

File Name: apache_axis2_default_creds.nasl

Version: 1.31

Type: remote

Family: CGI abuses

Published: 5/27/2010

Updated: 6/5/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2010-0219

Vulnerability Information

CPE: cpe:/a:apache:axis2

Required KB Items: installed_sw/Axis2

Excluded KB Items: Settings/disable_cgi_scanning, global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

Core Impact

Metasploit (Axis2 / SAP BusinessObjects Authenticated Code Execution (via SOAP))

Reference Information

CVE: CVE-2010-0219

BID: 44055, 45625

CERT: 989719